dailystar.trem.media Open in urlscan Pro
193.233.202.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dailystar.trem.media/
Submission: On June 23 via manual (June 23rd 2022, 4:03:05 pm UTC) from US — Scanned from DE

Summary HTTP 177 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 63 IPs in 6 countries across 47 domains to perform 177 HTTP transactions. The main IP is 193.233.202.181, located in Ashburn, United States and belongs to ALEXHOST, MD. The main domain is dailystar.trem.media.

This is the only time dailystar.trem.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	193.233.202.181 193.233.202.181	200019 (ALEXHOST) (ALEXHOST)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	185.66.200.222 185.66.200.222	201702 (SKHOSTING-EU) (SKHOSTING-EU)
30	65.9.66.108 65.9.66.108	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	143.204.215.62 143.204.215.62	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:205... 2600:9000:2057:6400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.80 65.9.66.80	16509 (AMAZON-02) (AMAZON-02)
8	63.32.97.26 63.32.97.26	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.41 99.86.4.41	16509 (AMAZON-02) (AMAZON-02)
1	216.104.36.155 216.104.36.155	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	34.251.139.125 34.251.139.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.66.112 65.9.66.112	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:4200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
12	99.86.4.5 99.86.4.5	16509 (AMAZON-02) (AMAZON-02)
1	52.31.146.195 52.31.146.195	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.98 65.9.66.98	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	2600:9000:205... 2600:9000:2057:2400:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.198.78.204 34.198.78.204	14618 (AMAZON-AES) (AMAZON-AES)
12	143.204.215.18 143.204.215.18	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2606:4700:10:... 2606:4700:10::ac43:835	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.92 99.86.4.92	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
1 2	65.9.66.74 65.9.66.74	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:5ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.18 65.9.66.18	16509 (AMAZON-02) (AMAZON-02)
1 3	99.86.4.3 99.86.4.3	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:44f... 2600:1f18:44f0:4864:da45:4818:d48e:3ab0	14618 (AMAZON-AES) (AMAZON-AES)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	99.86.4.117 99.86.4.117	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.76 143.204.215.76	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:4f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.66.58 65.9.66.58	16509 (AMAZON-02) (AMAZON-02)
2	3.219.107.219 3.219.107.219	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
3	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
4	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.72.67.212 52.72.67.212	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:9000:206... 2600:9000:206f:c200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	100.20.195.132 100.20.195.132	16509 (AMAZON-02) (AMAZON-02)
1	34.192.95.221 34.192.95.221	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
177	63

5 193.233.202.181 (Ashburn, United States)

ASN200019 (ALEXHOST, MD)
PTR: trem.media

dailystar.trem.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

upgulpinon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.222 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.222.skhosting.eu

cdn-server.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 65.9.66.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-108.fra56.r.cloudfront.net

s2-prod.dailystar.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-62.fra53.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:6400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-80.fra56.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 63.32.97.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com

felix.data.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-41.fra6.r.cloudfront.net

reach-id.orbit.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.104.36.155 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

p1.w-q-f-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.139.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-139-125.eu-west-1.compute.amazonaws.com

stmg-prod.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-112.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.4.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-5.fra6.r.cloudfront.net

i2-prod.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.146.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-146-195.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-98.fra56.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2400:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.78.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-78-204.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.215.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-18.fra53.r.cloudfront.net

i2-prod.dailystar.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:835 (United States)

ASN13335 (CLOUDFLARENET, US)

config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-92.fra6.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

www.reachgeneric.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.74 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:5ba (United States)

ASN13335 (CLOUDFLARENET, US)

macro.adnami.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-18.fra56.r.cloudfront.net

cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.3 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:44f0:4864:da45:4818:d48e:3ab0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-117.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-76.fra53.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-58.fra56.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.107.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-107-219.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

unphionetor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.67.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-67-212.compute-1.amazonaws.com

notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:c200:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.195.132 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-195-132.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.95.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-95-221.compute-1.amazonaws.com

onsite-tag-logs.apps.nielsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	dailystar.co.uk s2-prod.dailystar.co.uk — Cisco Umbrella Rank: 72981 i2-prod.dailystar.co.uk — Cisco Umbrella Rank: 36770	1 MB
13	mirror.co.uk stmg-prod.mirror.co.uk — Cisco Umbrella Rank: 26879 i2-prod.mirror.co.uk — Cisco Umbrella Rank: 21716	109 KB
10	google.com accounts.google.com — Cisco Umbrella Rank: 116 cse.google.com — Cisco Umbrella Rank: 3240 www.google.com — Cisco Umbrella Rank: 8 clients1.google.com — Cisco Umbrella Rank: 582	243 KB
9	tm-awx.com felix.data.tm-awx.com — Cisco Umbrella Rank: 16963 reach-id.orbit.tm-awx.com — Cisco Umbrella Rank: 20299	10 KB
9	upgulpinon.com upgulpinon.com — Cisco Umbrella Rank: 41812	138 KB
7	s-onetag.com 1 redirects get.s-onetag.com — Cisco Umbrella Rank: 4156 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4763 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4967 signal-segments.s-onetag.com — Cisco Umbrella Rank: 7634	31 KB
5	proper.io global.proper.io — Cisco Umbrella Rank: 9640 abcheck.proper.io — Cisco Umbrella Rank: 10317 bids.proper.io — Cisco Umbrella Rank: 9884	136 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 75963	158 KB
5	viafoura.co livecomments.viafoura.co — Cisco Umbrella Rank: 11004 api.viafoura.co — Cisco Umbrella Rank: 10117 notifications.viafoura.co — Cisco Umbrella Rank: 11376 i.viafoura.co — Cisco Umbrella Rank: 10161	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	40 KB
5	trem.media dailystar.trem.media	88 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 14257	35 KB
4	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1217 mab.chartbeat.com — Cisco Umbrella Rank: 1984	36 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	159 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	8 KB
3	unphionetor.com unphionetor.com — Cisco Umbrella Rank: 28018	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	763 B
3	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 8715 geo.privacymanager.io — Cisco Umbrella Rank: 1461	122 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 982	207 KB
2	quantcount.com 1 redirects rules.quantcount.com — Cisco Umbrella Rank: 991	2 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2518	24 KB
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1095	588 B
2	adnami.io macro.adnami.io — Cisco Umbrella Rank: 14707	29 KB
2	lrcontent.com config.lrcontent.com — Cisco Umbrella Rank: 16598	640 B
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 327	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	181 KB
2	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3596 pixel.adsafeprotected.com — Cisco Umbrella Rank: 536	8 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	176 KB
1	nielsen.com onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 12018	264 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	626 B
1	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 14577	10 KB
1	exelator.com cdn.exelator.com — Cisco Umbrella Rank: 14808 mydmp.exelator.com Failed	8 KB
1	reachgeneric.co.uk www.reachgeneric.co.uk — Cisco Umbrella Rank: 21474	140 KB
1	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 4332	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11393	547 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	39 KB
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 9920	8 KB
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293	322 B
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627	3 KB
1	gstatic.com fonts.gstatic.com	78 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 671	44 KB
1	w-q-f-a.com p1.w-q-f-a.com	2 KB
1	webcontentassessor.com scripts.webcontentassessor.com — Cisco Umbrella Rank: 4106	81 KB
1	cdn-server.top cdn-server.top	705 B
0	rlcdn.com Failed api.rlcdn.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
177	47

	Domain	Requested by
30	s2-prod.dailystar.co.uk	dailystar.trem.media s2-prod.dailystar.co.uk scripts.webcontentassessor.com
12	i2-prod.dailystar.co.uk	dailystar.trem.media
12	i2-prod.mirror.co.uk	dailystar.trem.media
9	upgulpinon.com	dailystar.trem.media upgulpinon.com
8	felix.data.tm-awx.com	dailystar.trem.media felix.data.tm-awx.com
5	interstitial-08.com	scripts.webcontentassessor.com interstitial-08.com
5	dailystar.trem.media	dailystar.trem.media
4	www.google.com	scripts.webcontentassessor.com
4	littlecdn.com	interstitial-08.com
4	www.google-analytics.com	dailystar.trem.media www.google-analytics.com www.googletagmanager.com
3	unphionetor.com	interstitial-08.com unphionetor.com
3	accounts.google.com	scripts.webcontentassessor.com accounts.google.com
3	sb.scorecardresearch.com	1 redirects dailystar.trem.media
3	static.chartbeat.com	dailystar.trem.media www.googletagmanager.com
3	securepubads.g.doubleclick.net	dailystar.trem.media scripts.webcontentassessor.com securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects scripts.webcontentassessor.com
2	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
2	cse.google.com	www.googletagmanager.com www.google.com
2	rules.quantcount.com	1 redirects dailystar.trem.media
2	script.4dex.io	global.proper.io script.4dex.io
2	abcheck.proper.io	dailystar.trem.media
2	ping.chartbeat.net	dailystar.trem.media
2	signal-segments.s-onetag.com	get.s-onetag.com
2	global.proper.io	scripts.webcontentassessor.com
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	macro.adnami.io	www.googletagmanager.com macro.adnami.io
2	get.s-onetag.com	1 redirects dailystar.trem.media
2	config.lrcontent.com	s2-prod.dailystar.co.uk
2	livecomments.viafoura.co	s2-prod.dailystar.co.uk
2	geo.privacymanager.io	ats-wrapper.privacymanager.io
2	c.amazon-adsystem.com	dailystar.trem.media c.amazon-adsystem.com
2	www.googletagmanager.com	dailystar.trem.media www.googletagmanager.com
2	fonts.googleapis.com	dailystar.trem.media s2-prod.dailystar.co.uk
2	pagead2.googlesyndication.com	dailystar.trem.media pagead2.googlesyndication.com
1	mug.criteo.com
1	onsite-tag-logs.apps.nielsen.com	cdn.exelator.com
1	bids.proper.io	global.proper.io
1	id5-sync.com	global.proper.io
1	i.viafoura.co
1	clients1.google.com
1	notifications.viafoura.co	cdn.viafoura.net
1	edge.quantserve.com	global.proper.io
1	signal-beacon.s-onetag.com	dailystar.trem.media
1	region1.google-analytics.com	www.googletagmanager.com
1	api.viafoura.co	cdn.viafoura.net
1	cdn.exelator.com	scripts.webcontentassessor.com
1	www.reachgeneric.co.uk	scripts.webcontentassessor.com
1	uk-script.dotmetrics.net	scripts.webcontentassessor.com
1	my.rtmark.net	upgulpinon.com
1	static.criteo.net	js-sec.indexww.com
1	cdn.viafoura.net	dailystar.trem.media
1	mab.chartbeat.com	static.chartbeat.com
1	pixel.adsafeprotected.com	cdn.adsafeprotected.com
1	quantcast.mgr.consensu.org	s2-prod.dailystar.co.uk
1	static.hotjar.com	dailystar.trem.media
1	fonts.gstatic.com	fonts.googleapis.com
1	stmg-prod.mirror.co.uk	dailystar.trem.media
1	js-sec.indexww.com	dailystar.trem.media
1	p1.w-q-f-a.com	cdn-server.top
1	reach-id.orbit.tm-awx.com	dailystar.trem.media
1	ats-wrapper.privacymanager.io	dailystar.trem.media
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.adsafeprotected.com	dailystar.trem.media
1	scripts.webcontentassessor.com	dailystar.trem.media
1	cdn-server.top	dailystar.trem.media
0	api.rlcdn.com Failed	global.proper.io
0	mydmp.exelator.com Failed	cdn.exelator.com
0	match.adsrvr.org Failed	js-sec.indexww.com
177	68

This site contains links to these domains. Also see Links.

Domain
www.inyourarea.co.uk
discountcode.express.co.uk
www.facebook.com
twitter.com
www.tiktok.com
www.instagram.com
www.newspapersubs.co.uk
funeral-notices.co.uk
www.shop.dailystar.co.uk
games.dailystar.co.uk
www.starwins.co.uk
jobs.reachplc.com
hopsmore.co.uk
www.memorylane.co.uk
www.okbeautybox.co.uk
www.mirrorpix.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
cdn-server.top R3	`2022-05-15` - `2022-08-13`	3 months	crt.sh
mirror.co.uk Amazon	`2021-08-20` - `2022-09-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-31` - `2022-12-02`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.data.tm-awx.com Amazon	`2022-06-10` - `2023-07-08`	a year	crt.sh
reach-id.orbit.tm-awx.com Amazon	`2021-09-22` - `2022-10-20`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
stmg-prod.mirror.co.uk Amazon	`2022-05-28` - `2023-06-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upgulpinon.com R3	`2022-04-29` - `2022-07-28`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.cmp.quantcast.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
*.reachgeneric.co.uk Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
cdn.exelator.com Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
interstitial-08.com R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
unphionetor.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-10` - `2023-02-09`	a year	crt.sh
onsite-tag-logs.apps.nielsen.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://dailystar.trem.media/
Frame ID: 21DCD059A5D84D6A9A0D73617BF3A2C9
Requests: 154 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html
Frame ID: 7F2786479DD8D22454EB5F5CEC217BCE
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Frame ID: 3D5369DEE6A958D9CABEDD8DABA52EF6
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dailystar.trem.media
Frame ID: AF8FEFD32CD4AE6D0C4552B2D7DD1A18
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Daily Star: Home of Fun Stuffsearch

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

177
Requests

85 %
HTTPS

39 %
IPv6

47
Domains

68
Subdomains

63
IPs

6
Countries

3509 kB
Transfer

10867 kB
Size

35
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inyourarea.co.uk/?branding=dailystar&from_reach_primary_nav=dailystar
Title: In Your Area

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/
Title: Voucher Codes

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/uber-eats
Title: Uber Eats

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/prettylittlething
Title: PrettyLittleThing

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/boots
Title: Boots

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/currys
Title: Currys

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/lastminute-com
Title: Lastminute.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thedailystar

Search URL Search Domain Scan URL

URL: https://twitter.com/dailystar

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@thedailystar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dailystar

Search URL Search Domain Scan URL

URL: https://www.newspapersubs.co.uk/pg/STA
Title: Buy a Paper

Search URL Search Domain Scan URL

URL: https://funeral-notices.co.uk/national
Title: Funeral Notices

Search URL Search Domain Scan URL

URL: https://www.shop.dailystar.co.uk/
Title: Shop

Search URL Search Domain Scan URL

URL: https://games.dailystar.co.uk/
Title: Crosswords

Search URL Search Domain Scan URL

URL: https://www.starwins.co.uk/?utm_medium=site&utm_source=dailystar&utm_campaign=partner-bar&utm_content=partner-bar
Title: Star Wins Casino

Search URL Search Domain Scan URL

URL: http://discountcode.express.co.uk/
Title: See all discount codes

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/halfords
Title: Massive deals at Halfords today!

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/groupon
Title: Massive deals with Groupon!

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/gap
Title: Top deals with GAP discount codes

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/game
Title: Extra savings with GAME promo codes

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/funky-pigeon
Title: Grab Funky Pigeon promo codes!

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/ee-mobile
Title: Great EE Mobile discount codes!

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/h-m
Title: Extra savings with H&M promo codes

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/ebay
Title: Massive deals with eBay promo codes

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/dunelm
Title: Top deals with Dunelm discounts

Search URL Search Domain Scan URL

URL: https://discountcode.express.co.uk/discount-code/dell
Title: Save with Dell promo codes

Search URL Search Domain Scan URL

URL: https://www.inyourarea.co.uk/?branding=dailystar&from_reach_footer_nav=dailystar
Title: In Your Area

Search URL Search Domain Scan URL

URL: https://jobs.reachplc.com/jobs
Title: Work for us

Search URL Search Domain Scan URL

URL: https://www.starwins.co.uk/?utm_medium=site&utm_source=dailystar&utm_campaign=footer&utm_content=footer
Title: Play Star Wins

Search URL Search Domain Scan URL

URL: https://hopsmore.co.uk/
Title: Hopsmore Beer Club

Search URL Search Domain Scan URL

URL: https://www.memorylane.co.uk/
Title: MemoryLane

Search URL Search Domain Scan URL

URL: https://www.okbeautybox.co.uk/
Title: OK! BeautyBox Subscription

Search URL Search Domain Scan URL

URL: https://www.mirrorpix.com/
Title: Syndication & Licensing

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js HTTP 301
https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js

Request Chain 142

http://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js HTTP 301
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js

Request Chain 153

https://sb.scorecardresearch.com/c2/6035737/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 170

https://gum.criteo.com/sid/json?origin=publishertag&domain=trem.media&sn=ChromeSyncframe&so=0&topUrl=dailystar.trem.media&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Sv4v5nxRclJjUDhmellpMG8vL0tLbDY2dUNSci9PVXJZUVl1OFQ2VTZhVE04QUgyRUNZaDBJeW9TMzhmQ3k0MndiUUlJRytRbUwxU3M3TGMxSnduOWs4ZlB0cVlPSXdURURzSTVjTkRPQktSMjFvRlVYenNoMUxVNTR3YTI3RHdYODZDbEFtYVkzMHY0SEhRMTF3ZXFaakg0RjNpVy9FbFhrK3FzRkhZS1B6M3d3ZGJ1RnZ2bzFxaUgwcWszVy81SFZwZGlub0pvV2RoNlNrdExvZ2Z1emw3dngzTjl1NUJEZG4yRXNsL1djU0FCTWFaZWlFZHNGbHlDdTI3cmdlMHR2eklzNTJ0b21hbGVZWWJCdFZuY0hxZ0R5dz09fA&cppv=2

177 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dailystar.trem.media/ 624 KB
86 KB 2683ms
2534ms Document
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://dailystar.trem.media/

Protocol

HTTP/1.1

Server

193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),

Reverse DNS

trem.media

Software

tino-panel / PHP/5.6.40

Resource Hash

b2dc92dc684ce77a25f03cde358bab90f0d7909a46340b85b412a2e80c8ecb62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.cdn.ampproject.org/ https://bing-amp.com/ https://.tm-aws.com/ https://*.tm-awx.com/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Age: 34
CF-Cache-Status: DYNAMIC
CF-RAY: 71fe736e0d9a77af-KBP
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://*.cdn.ampproject.org/ https://bing-amp.com/ https://*.tm-aws.com/ https://*.tm-awx.com/;
Content-Type: text/html;charset=UTF-8
Date: Thu, 23 Jun 2022 16:02:57 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Thu, 23 Jun 2022 16:12:10 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbjFhqTHU9ONHmcJUfX7cnpdvd1jPNhaCUIzbPNfDuzr9nKswRcBeMHeNE%2FGmSW4QHMu2RCYfFyu%2FSBGRSuRgb0bGf2CZ6bj8wi4gHgQd2IB9Kme7nY1KL9TwgZs%2F4Ri%2F3bxVEGOVK%2Bn%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: tino-panel
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
Via: 1.1 varnish, 1.1 2bc247312196d531ec3918f1b955f3a0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cpHCE0mJ0vhsNhginPmAqS1us1r2FIspx6pjrbdjIC6vt4_uUZsYZA==
X-Amz-Cf-Pop: LAX3-C4
X-Cache: Hit from cloudfront
X-Cache-Hits: 10
X-Cacheable: YES
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.6.40
X-ProcessESI: yes
X-RemovedCookies: YES
X-Served-By: nat-cache301.tm-aws.com
X-Varnish: 819269669 828309618
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 57ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2435524096963092

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b2c0922b2f10da0c50814ef64bac4c5529cdf8b485562fa8d5a0f4a4bcbe89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailystar.trem.media/
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56289
x-xss-protection: 0
server: cafe
etag: 17131409218904675269
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Jun 2022 16:02:58 GMT

GET
H/1.1 200
OK 1 Show response
upgulpinon.com/ 8 KB
4 KB 31ms
13ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://upgulpinon.com/1?z=4843600
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 318afadc3469d03fa560f1d26fce699bc5f824f137b490f646868ec56b997fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 1c614de0a37f30633dc4cde5542bd1bb
Pragma: no-cache
X-Sc: eYhEQWd4di5nFNiiynmx6jkQLMy9dNINg0FuX1Jx3qNRIIk86E8_pg_RsNGwoKbiCByXnEtG2YTcRJRGdVIe0AIC40k=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mms.js Show response
cdn-server.top/p/ 408 B
705 B 77ms
28ms Script
application/javascript 185.66.200.222
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-server.top/p/mms.js?pub=381315&ga=g
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.222 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.222.skhosting.eu
Software: nginx /
Resource Hash: 15d1ba84ceffc0c2d46006156e945cb8045c19262d617971bda5b1de0d6a0903

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: cache
date: Thu, 23 Jun 2022 16:02:58 GMT
cache-control: max-age=3600
expires: Thu, 23 Jun 2022 17:02:58 GMT
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-type: application/javascript

GET
H2 200 section-base.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/scss/ 55 KB
12 KB 38ms
9ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/scss/section-base.css?v=a8a2207b9a185d4497101cc574882e89
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 109a908f84c6d056deabc0fa5ab190c4a76be2ba5d5dfc9562fba38ee35180e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:16:44 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 13:53:06 GMT
server: AmazonS3
age: 47312
etag: W/"a8a2207b9a185d4497101cc574882e89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: C3k1pt4X_RcXq7lma-I66JiWkDUVL0LrEo6v0cX-7zx_Y-SDp5yFmA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 chameleon-static-html.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/scss/ 27 KB
6 KB 36ms
8ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=8560b002b4f01cbd2b804b01afccefa2
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aaff62dc57b4cc3c82a9ebfcf6627c13b789e15a06aa31b487e2deaec6cad09a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:05:30 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:10:41 GMT
server: AmazonS3
age: 50279
etag: W/"8560b002b4f01cbd2b804b01afccefa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: CJUPNpdjYDNu_UiUaFUq9cpU8pio4k-yyPpDXenhfMx7aiyk_vB6gw==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 marwood-extended.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/scss/ 17 KB
4 KB 37ms
9ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/scss/marwood-extended.css?v=8638decea25a4dd3feaf55d3bc8aa741
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1f1de1e298fabb8508ff99f14528f79af6ebd09c501d921251533e5835dba8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:37:20 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 13:53:06 GMT
server: AmazonS3
age: 73580
etag: W/"8638decea25a4dd3feaf55d3bc8aa741"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ZtMimffXl9RHBahCR8X3UsZCzSvgQq4jSGbR-7ggjvZdh5sXT4zhIg==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4431
date: Thu, 23 Jun 2022 14:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 16:49:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 52ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wdth,wght@75,700;100,400;100,700&family=Signika+Negative:wght@400;700

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15a2bc9af09b75ce70d1f15a7c64324237a37ff97bbedc8d58b2d85e09c9ac52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 14:27:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Jun 2022 16:02:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jun 2022 16:02:58 GMT

GET
H2 200 SignikaNegative-Bold.47b398e81c9f2e2e.woff2
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 12 KB
12 KB 34ms
8ms Font
binary/octet-stream 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/SignikaNegative-Bold.47b398e81c9f2e2e.woff2
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e

Request headers

Referer: http://dailystar.trem.media/
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 10:28:47 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:53 GMT
server: AmazonS3
age: 50371
etag: "0878f337da5ac933819c3eaf691db0a5"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 12272
x-amz-cf-id: 79emWrbw4tqJ_65A_lI76NXd39x9b10ZlPv9HYPzwAEZUK-Jbhb2LQ==

GET
H2 200 icomoon.edbe0dea183769a4.woff2
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 7 KB
8 KB 32ms
7ms Font
binary/octet-stream 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/icomoon.edbe0dea183769a4.woff2
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c9167acffc1227365284e60c353db4c6218e353ebc65dab2b60f100dfc71b06

Request headers

Referer: http://dailystar.trem.media/
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 01:09:17 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:53 GMT
server: AmazonS3
age: 53774
etag: "976c4f062f64b5786b09384cd95e9a7c"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7412
x-amz-cf-id: VU61dRjGct50jeS-6PF1R0TAi_oXUgVthMPxcB--S8G26rPifeMGFg==

GET
H2 200 brand-extended.f60ca22bf8630ab5.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/ 26 KB
5 KB 35ms
10ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ea84a19bfbab3823dc72882b2351312651422245bfc13630a55c500193ac022

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:08:00 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 08:58:29 GMT
server: AmazonS3
age: 82536
etag: W/"de208268e8fc9a45410a3d508e1e5bb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qszUgsqmVUe5lhET9H1cPPnQRPFTeakvr3UEuzqJRrBRXMX2fsj8Sw==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082 Show response
scripts.webcontentassessor.com/scripts/ 400 KB
81 KB 49ms
7ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7531c434a25ade419ad9ae7ba7b16224f1ef6dddeb66f60f5df8a7f9bc800a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: gzip
age: 1547
x-cache: HIT
content-length: 82205
x-amz-id-2: nElJja1S9cfNRjNKuVajfTYcJYm3Pdj58nlqaZBW2nE8ifo+lubLTe/M9T+Xpg72Oz4kMuJ6YIE=
x-served-by: cache-hhn4066-HHN
last-modified: Thu, 23 Jun 2022 15:34:41 GMT
server: AmazonS3
x-timer: S1656000179.909290,VS0,VE0
etag: "da24150223e272c3db08bf175d7456dc"
vary: Accept-Encoding
x-amz-request-id: GHT7BXDSF96PQ6M2
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4

GET
H2 200 s.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/systemjs/ 9 KB
4 KB 31ms
15ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/systemjs/s.min.js?v=f10714d2eb405d24ddca037ab0ec8f8d
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8db9e95c255ccdfb1bef85cb26da263bfeb9ba1eb70d835ec74a363ef27df708

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 08:30:10 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 16:16:41 GMT
server: AmazonS3
age: 27169
etag: W/"f10714d2eb405d24ddca037ab0ec8f8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 8WWs2SSVBVVe9ZmH1Q_oRl7Rehd3mYMBNXUwNCJEHXTtZi_pmPbhZQ==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 runForceReconsent.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/tags/js/ 91 KB
28 KB 35ms
19ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=906c6a54597cf3d6882558890c318e8f
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 957488292f6d47df455a24d4f4cf0eb2b06698fe1eb7384dbf3ebaf54423cead

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:37:26 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 1533
etag: W/"906c6a54597cf3d6882558890c318e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OXmXmWfKUbSip9dvJyP1B8-0g4QR7FPhieGvslTPjTqaHtCX9jnWGg==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 98ms
31ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

1bdd95e393ea9592f2e2253ac44bfad1ba0d8bed8a6ce62b731967975e6ef334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28094
x-xss-protection: 0
server: sffe
etag: "1253 / 119 of 1000 / last-modified: 1655982338"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Jun 2022 16:02:58 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 43ms
6ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 05:09:52 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 39187
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: YbmkRZvHdDKi2VixjtUb9V8681CumVeGln_tVJPM1DvFlQgIWcJ6yA==

GET
H2 200 tags.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/tags/js/ 255 KB
57 KB 31ms
16ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/tags/js/tags.min.js?v=2c1570c2d129a7bf8d8081adbbe947ae
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 015b9fa00cb4cc03645a3f4979e679552c0d74e4d4ff69a01b4e49b7e39b616d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:37:26 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 1533
etag: W/"2c1570c2d129a7bf8d8081adbbe947ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: G8wb4GVAxy-UoHPvHO4rHV5HfhcKWjVABBwvCK9GZqz5Sdr9zfM3qg==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 51ms
7ms Script
application/x-javascript 2600:9000:2057:6400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bb80d4910ae056cd072f47c590278151b9436441de1ee0d8182df170d8cafc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:18:39 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 00:17:30 GMT
server: nginx
age: 6259
etag: W/"62abc81a-5b83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: yofOkcuqCBbmsEMQjNDe3E246rujgVMZJmZxBU5oZa7o3gnU0YkrsQ==
expires: Thu, 23 Jun 2022 16:18:39 GMT

GET
H/1.1 404
Not Found transparent.png
dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/ 548 B
548 B 53ms
43ms Image
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:58 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found transparent-wide.png
dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/ 548 B
548 B 99ms
43ms Image
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent-wide.png
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:58 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/ 340 KB
120 KB 51ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2435524096963092&plah=dailystar.trem.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2435524096963092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c49b2ee84a59ab689422742a1f0c338029d99fc386a01c8328b399636efa0a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122735
x-xss-protection: 0
server: cafe
etag: 14619547596522799566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Jun 2022 16:02:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/ Frame 7F27 10 KB
5 KB 44ms
5ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2435524096963092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailystar.trem.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 18:45:03 GMT
etag: 8616628553774171045
expires: Wed, 06 Jul 2022 18:45:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pug-runtime.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/pug-runtime/ 3 KB
2 KB 7ms
6ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/pug-runtime/pug-runtime.min.js?v=f9a8f9298a1eafea96091cdab6421797
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93c5809a50d386dad38d1f9eccdc910485c337a93ed931fae7d4da8ccaddd1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 17:16:42 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 13:53:07 GMT
server: AmazonS3
age: 81977
etag: W/"f9a8f9298a1eafea96091cdab6421797"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: yP7N3AQ4mfJSMXEFjKMnaBI4_bWamFm0Niyak7HIXj3RBzlg-TJWXw==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 section.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/js/ 214 KB
45 KB 31ms
19ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/js/section.min.js?v=86e69e5cb83ccc76f152e09611982a6f
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53db6cd1251b062283e247a8b440462e01232a214a93ce981da3e50203956c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 13:57:02 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 13:53:05 GMT
server: AmazonS3
age: 7697
etag: W/"86e69e5cb83ccc76f152e09611982a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xoaRAOkhi6BKBu1vK0vhnUU1dJZG53LDSyrlo3-km7cwv2-Us3WgZA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 section.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/article-service/js/ 61 KB
15 KB 31ms
19ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/article-service/js/section.min.js?v=b472f12ef88059acb03c6c89d4f0c240
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 689fdabbf7cb0792ac119b0ac7abb8f7e4a9350ff08d631eea985d52b96c9c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:22:38 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 08:42:50 GMT
server: AmazonS3
age: 49221
etag: W/"b472f12ef88059acb03c6c89d4f0c240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: K8WFooB_DSD-ipJdhWcmCeMBEmq45CqxAB0QhGcf569uvc0IN1rBtA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 partner.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/ 180 KB
46 KB 28ms
16ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=758c6d392555a6b8bb8ef392ec898b0c
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d9cdb60bac5bf32e6b7f24454d57bf69b1eb22b0f9a0bbd8020352123c6fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:46:26 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 10:23:34 GMT
server: AmazonS3
age: 72993
etag: W/"758c6d392555a6b8bb8ef392ec898b0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TLA5TgDZKr2HRiYBy2tZdkEkXsDn8ZOTz9-kATa-q5wNAaRmcTys1A==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 chameleon-static-html.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/js/ 18 KB
5 KB 29ms
18ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/js/chameleon-static-html.min.js?v=8e1c897a79e9841da91dd3c930f4c128
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c22e5178495a9e76d2a1fbaff6b2a43cca64cc2947d1bb47f2bd282ec73093b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:37:41 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:10:41 GMT
server: AmazonS3
age: 44727
etag: W/"8e1c897a79e9841da91dd3c930f4c128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: sTLaQYcFi1IKBo0kcmrKBPyHOWcnHF68f23Xk_jFTvREooC6ZwZnmQ==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 withnail.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/scriptsCore/js/ 274 KB
77 KB 31ms
20ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/scriptsCore/js/withnail.min.js?v=f78ffe763914ede15534445199bd612d
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e419d0e7334b7fc463cc6b953462e574fc3e4b19412d4cde78578e32e1358933

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:37:26 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 1533
etag: W/"f78ffe763914ede15534445199bd612d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TG_grvLKhLsP7Wbgv9xfhU1OIH_Dh5w-m2fxixY_ZzRawdnLzkbqvQ==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ 344 KB
120 KB 44ms
5ms Script
application/javascript 65.9.66.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ats.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed2afa2565753583faf967bdcd69182e999f75200e8af54dbd1630dcb173fe9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: T.8RfGIoo_EPb718xN_IbyQxiUzc4wuV
content-encoding: gzip
etag: W/"7633c3ac5e4fe67914f3f904b61b900f"
last-modified: Wed, 02 Feb 2022 15:57:46 GMT
server: AmazonS3
age: 2757
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
date: Thu, 23 Jun 2022 15:17:02 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: gRmpZqEfmhfj98ALqIp4l7xGmxTUc-YPlcOW6oo026hDPVW6IKnK-Q==

GET
H2 200 felix.min.js Show response
felix.data.tm-awx.com/ 19 KB
6 KB 103ms
29ms Script
application/javascript 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/felix.min.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1435892f80f5dbef825cd7503205f825dd522342ebe34164b6a57d95b40a6e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: gzip
etag: W/"4b5c-QY1+JXEt7dSy77uJ1lM8Cb19Ew8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 style.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/ 131 B
512 B 13ms
2ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/style.css
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ecb41291b7df5f937e5bef51145c588781d886784568b7774b9be35f6ff261c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 05:21:23 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Wed, 25 May 2022 09:41:27 GMT
server: AmazonS3
age: 38547
etag: "9ef16bb2f1d2a89ff8c3a76cf900bc37"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 131
x-amz-cf-id: 4_avm_X2bYXzjpsenX4Fbu0cur-2YTQtIAhW5uszUNKpQ2Kp0imcUQ==

GET
H2 200 index.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/ 88 KB
24 KB 23ms
7ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/index.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e58e8a7be7dad76e3d1da9b723405a06ed0e6c3956d494397b97a92398540a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:05:30 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:41:27 GMT
server: AmazonS3
age: 50279
etag: W/"2786ba78e13ab84b5ffb75f69e968a70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: uO4h6m5JF5lKVezbIHLsYBqSAlsJR4kyQDVvMaGmpcJpV8UphXvJkw==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 auth-ui.min.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/auth-ui/ 369 KB
95 KB 24ms
8ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/auth-ui/auth-ui.min.js?v=7b6f4a84cd7f8e521a7bc105c3addde6
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e140d8a05464766143212b1494858bb7f892fed4f7d6c62176436edf8ab789d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 04:09:53 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 10:59:16 GMT
server: AmazonS3
age: 42835
etag: W/"7b6f4a84cd7f8e521a7bc105c3addde6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: O6SvzTX31_ehRZBY6pIG-P1XX7vHuUHiIhx2S_IOfYbEjbIPj8S3TA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 analytics.js.gz Show response
reach-id.orbit.tm-awx.com/ 4 KB
2 KB 46ms
10ms Script
text/javascript 99.86.4.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reach-id.orbit.tm-awx.com/analytics.js.gz
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-41.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c79d183a3ab8457485feeed21d3d21499fe491c2cb2b04e155574d27b1d4fef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:59:48 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 10:33:20 GMT
server: AmazonS3
age: 193
etag: "735fb71acc8a049f35b940f5177d6f83"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1982
x-amz-cf-id: PeaZvqNCgQ8-5wNMml4rAQFCl-OLJ76JUWf4NzRRfbPpZt7_1b0pYQ==

GET
H/1.1 200
OK pub.min.js Show response
p1.w-q-f-a.com/js/ 3 KB
2 KB 256ms
109ms Script
application/javascript 216.104.36.155
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://p1.w-q-f-a.com/js/pub.min.js
Requested by: Host: cdn-server.top
URL: https://cdn-server.top/p/mms.js?pub=381315&ga=g
Protocol: HTTP/1.1
Server: 216.104.36.155 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx /
Resource Hash: 2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Sep 2021 12:11:29 GMT
Server: nginx
ETag: "614b1d71-60b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 1547
Expires: Fri, 24 Jun 2022 16:02:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 489 KB
112 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06bf0f9677b7c1b7de07fd7c247b574afd994a67c75976277d1a5a01eb2ffa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114010
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:07:56 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 16:02:58 GMT

GET
H/1.1 200
OK 186772-98293609095784.js Show response
js-sec.indexww.com/ht/p/ 164 KB
44 KB 73ms
22ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186772-98293609095784.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c2b7f1a52d4c817ac27718a7f9d8949bdaac5ef1ffcc690ebfa0ad27f101cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jun 2022 15:01:45 GMT
Server: Apache
ETag: "da4930-29180-5e21ebb765aa9"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=70
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 45105
Expires: Thu, 23 Jun 2022 16:04:08 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 55ms
5ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 23 Jun 2022 15:34:31 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:20:00 GMT
server: AmazonS3
age: 1708
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: Q9ovKNzmGPWkpMGAVfxpcImVvznqJAlJY41z8llwtXHdDkcXsZh-_w==

GET
H2 200 analytics.config.json Show response
stmg-prod.mirror.co.uk/ 45 B
538 B 152ms
43ms XHR
application/json 34.251.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stmg-prod.mirror.co.uk/analytics.config.json

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-139-125.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

592348d2c78612521554e30c97f8829e9b8509948f9967ebe0753cdc640fd1d1

Security Headers

Name	Value
X-Frame-Options	x-frame-options:SAMEORIGIN
X-Xss-Protection	X-XSS-Protection: 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
referrer-policy
amp-access-control-allow-source-origin: http://dailystar.trem.media
x-xss-protection: X-XSS-Protection: 1; mode=block
x-powered-by: Express
x-frame-options: x-frame-options:SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: http://dailystar.trem.media
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
content-length: 45
etag: W/"2d-lhnyqD5SnKhaDAGE1Xs99sPrX4Y"

GET
H2 200 logo-dailystar.b89caa59ab925f98.png
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/img/ 8 KB
8 KB 25ms
18ms Image
image/png 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/img/logo-dailystar.b89caa59ab925f98.png
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be5c3b3315568f9c4def1c7680ec779ee12ddf9cfb18c15c0f8f5fe314ba5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:08:13 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:29 GMT
server: AmazonS3
age: 50278
etag: "e5411ab88f6b53f6abecfe857bbd0877"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8124
x-amz-cf-id: mQSMFcYLt_sxFcf6-oHIVSXz5hpHdP7xQfka-dmaGpx_XUx49X1Iag==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v29/ 77 KB
78 KB 40ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wdth,wght@75,700;100,400;100,700&family=Signika+Negative:wght@400;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5c4b278ca30fa881cef4ecb3538c00e855fe7983706f2e04347368a541f7dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 22:31:49 GMT
x-content-type-options: nosniff
age: 235869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78896
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 22:31:49 GMT

GET
H2 200 5174b320df6dd61bbcdfef17dda94275 Show response
upgulpinon.com/27/ 398 KB
129 KB 57ms
12ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275

Requested by

Host: upgulpinon.com
URL: http://upgulpinon.com/1?z=4843600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3cffc7c33ee5bd9bf126ab3b9fd0256b2805d6bb679c1e04df4f65d1a31e1586

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Jun 2022 03:23:41 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Tue, 21 Jul 2082 03:23:41 GMT

GET
H2 200 38 Show response
upgulpinon.com/42/ 0
667 B 88ms
50ms Script
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/42/38?z=4843600
Requested by: Host: upgulpinon.com
URL: http://upgulpinon.com/1?z=4843600
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 96cc9aca031abd20dbc060ebd4a2238d
pragma: no-cache
date: Thu, 23 Jun 2022 16:02:58 GMT
x-sc: Gnat_fKmfKBEJ9Da7iHzlr5M9HJibgMMmE-wyJCH51F9vFP-7sw8vx2iwJ5EoYyN3Ue6pGbuTCWmK6yGLLVlki6cSY4=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1020045596&t=pageview&_s=1&dl=http%3A%2F%2Fdailystar.trem.media%2F&ul=en-us&de=UTF-8&dt=The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=84362762&gjid=223023721&cid=176396213.1656000179&tid=UA-219467903-1&_gid=941460338.1656000179&_r=1&_slc=1&z=424918212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:02:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found transparent.png
dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/ 548 B
548 B 45ms
45ms Image
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:58 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 section.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/article-service/scss/ 16 KB
3 KB 18ms
7ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/article-service/scss/section.css?v=03d0461abfab7c110408db3bcd3a0f4f
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f26b43d77b38124d08f7cbb0088c1ceb0310f73ced275ffd0a435d28c0b8e370

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:34:59 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 08:42:53 GMT
server: AmazonS3
age: 49758
etag: W/"03d0461abfab7c110408db3bcd3a0f4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: zOxgJxdAzrZ2kvn_ofFe_tzy_YhUq4ZWUjSVO7bllys_29LKoEW7dA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 withnail.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/scss/ 21 KB
5 KB 18ms
8ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/scss/withnail.css?v=4550c2517d98341fb5cf41fdb0c66856
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 618105bb69330a9559d3a25428b96da5714a89f9a012996e3c69ae9974e9bb15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:37:26 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 1533
etag: W/"4550c2517d98341fb5cf41fdb0c66856"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 8pewemJzrOczUBYWTpXOyTCZJ6CpwuuMFU7JI2RzbjovR3ndMp-3mw==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 section.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/ 68 KB
12 KB 18ms
7ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/section.css?v=4de8889cb53b060c499289b6747bbe1c
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a993fb966f108b2fd812f7ed27d9984f4ba2bf94b5f0375d8caa830c2ec751ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:22:38 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 10:23:37 GMT
server: AmazonS3
age: 49221
etag: W/"4de8889cb53b060c499289b6747bbe1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 22mwhN6Ad238bVR8u4nC3kxA_jdqSRvo0S5KWXk3rX5E3U6FJk4QIA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 logo-dailystar.png
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/img/ 8 KB
8 KB 14ms
6ms Image
image/png 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/img/logo-dailystar.png
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be5c3b3315568f9c4def1c7680ec779ee12ddf9cfb18c15c0f8f5fe314ba5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:27:32 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:29 GMT
server: AmazonS3
age: 45326
etag: "e5411ab88f6b53f6abecfe857bbd0877"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8124
x-amz-cf-id: rW7PUNrO_dt69TrMLbsFX79nUAVToTfDmK-uT9Md6T-9kZdP5tIRPw==

GET
H2 200 ipso.a49db49dfe703ca7.svg
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/ipso/img/ 4 KB
2 KB 7ms
6ms Image
image/svg+xml 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/ipso/img/ipso.a49db49dfe703ca7.svg
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=8560b002b4f01cbd2b804b01afccefa2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67218cedf3fe2e9c5f13da640d16d5326b6b338665306e3282c77b27d9300f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=8560b002b4f01cbd2b804b01afccefa2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:26:52 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:10:41 GMT
server: AmazonS3
age: 49074
etag: W/"f8d824c88fd8e96d700d1cb888a5aeb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6jVSfcBIE4RXXUdCLKm7r0zzQ_dpZ4FsO1dmLMDQSQprSqs4N-vjag==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 hotjar-1301559.js Show response
static.hotjar.com/c/ 5 KB
3 KB 40ms
11ms Script
application/javascript 65.9.66.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1301559.js?sv=6

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-112.fra56.r.cloudfront.net

Software

Resource Hash

8ee51a87f0dd401e0eafcf8f1aab23e4047c242083aab966cba22a31325b8d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 35
etag: W/ad2eed59e82dddf773348588c3437513
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bc_Vzqyl3DMWGBdebrX0mY73BHWhtQG6IoBPUZ1F5MNQCzGAqrPISg==
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)

GET
H2 204 choice.js Show response
quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/dailystar.trem.media/ 0
322 B 421ms
395ms Script
text/plain 2600:9000:206f:4200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/dailystar.trem.media/choice.js
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=906c6a54597cf3d6882558890c318e8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Miss from cloudfront
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3d3ws02z_74WR5Ep5Q_DEgS0TIUDN0ivhhtxr7C2juAw-UevPgJm2g==

GET
H2 200 prebid-test.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/prebid/ 450 KB
136 KB 8ms
7ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid-test.js?v=906c6a54597cf3d6882558890c318e8f
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/systemjs/s.min.js?v=f10714d2eb405d24ddca037ab0ec8f8d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55da1915062ffd387f2ad684155fe1f05d06bbe8ed8a59a074a73bb7837b6616

Request headers

Referer: http://dailystar.trem.media/
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:37:28 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 1532
etag: W/"f403e6ab66cc82c4c074146f61f37602"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KcO1sm1BcE522Ig02mCB3r0pZWWq1_bALW_KYPjqj3h-xOiLC_2BmA==
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
713 B 45ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/section.css?v=4de8889cb53b060c499289b6747bbe1c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/section.css?v=4de8889cb53b060c499289b6747bbe1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 14:46:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Jun 2022 16:02:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jun 2022 16:02:59 GMT

GET
H2 200 icon-dailystar.84ec366a449ab49b.svg
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/img/ 3 KB
2 KB 7ms
6ms Image
image/svg+xml 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/img/icon-dailystar.84ec366a449ab49b.svg
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 348d4c604efa99a4799d05216dfc9137821590aec4534a730c6d281680dab452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailystar/scss/brand-extended.f60ca22bf8630ab5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 01:54:58 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 08:58:29 GMT
server: AmazonS3
age: 54808
etag: W/"9e18ce7b95ca6563db910f8166523759"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Xqu51S0bb4BQtOOo4Dn59RyqTuIAVrcwQ5RHVcKkiiHFl2j-gn0D9w==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H2 200 0_Halfords-Logo.png
i2-prod.mirror.co.uk/incoming/article24624947.ece/BINARY/ 12 KB
12 KB 41ms
8ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624947.ece/BINARY/0_Halfords-Logo.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

38d0814476339f4cac58c66327a1998447494fd73701ebce153e5e5c8873d679

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 48062
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 3
content-length: 11889
x-served-by: nat-cache301.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:51:06 GMT
server: nginx
date: Thu, 23 Jun 2022 02:47:32 GMT
x-frame-options: SAMEORIGIN
x-varnish: 445616725 381521867
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: H4jlrvjUZ-o1-7fZNEXWPVYZQ1y0_4_5X8zV3XZkwQC-JxBPNLYTXA==
expires: Fri, 24 Jun 2022 00:44:21 GMT

GET
H2 200 0_Groupon.png
i2-prod.mirror.co.uk/incoming/article24624933.ece/BINARY/ 6 KB
6 KB 40ms
7ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624933.ece/BINARY/0_Groupon.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6eada00d73c67f0ff483b7b1fa4625793e7da0442a37e0e2b96df77f9b4413ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 51142
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 5764
x-served-by: nat-cache302.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:50:07 GMT
server: nginx
date: Thu, 23 Jun 2022 02:47:32 GMT
x-frame-options: SAMEORIGIN
x-varnish: 623837718
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fdBoHdrWA0n57eLg4vM85T3yIjnsw1vnU9GIHrYod98Tya9sNPCsGg==
expires: Fri, 24 Jun 2022 01:50:37 GMT

GET
H2 200 0_Gap.png
i2-prod.mirror.co.uk/incoming/article24624897.ece/BINARY/ 933 B
1 KB 40ms
7ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624897.ece/BINARY/0_Gap.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ab99f5f97dd8638d873236490e1e62b4a5a4348eccbcf805a1003766b637068e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 48061
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 2
content-length: 933
x-served-by: nat-cache302.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:49:26 GMT
server: nginx
date: Thu, 23 Jun 2022 02:47:32 GMT
x-frame-options: SAMEORIGIN
x-varnish: 624067026 550864812
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: XG1Ba163Cyg_qPV0PfTrngvCZZRX8c8Kei2hNLMAZ4sj2aO3bgKT4g==
expires: Thu, 23 Jun 2022 23:24:03 GMT

GET
H2 200 0_Game.png
i2-prod.mirror.co.uk/incoming/article24624877.ece/BINARY/ 13 KB
14 KB 41ms
9ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624877.ece/BINARY/0_Game.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

dff7ef2e5bd2799cddbee2881e527464815d0601af4d8fb6f99e7be634463dcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 27870
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 13664
x-served-by: nat-cache301.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:46:00 GMT
server: nginx
date: Thu, 23 Jun 2022 08:22:42 GMT
x-frame-options: SAMEORIGIN
x-varnish: 562271734
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Cfw00HpB3YlxGKmECa1JPqKj3EYblcSWE8AS6BEtXtAd4vlLKSkVsA==
expires: Fri, 24 Jun 2022 08:18:29 GMT

GET
H2 200 0_FunkyPigeon.png
i2-prod.mirror.co.uk/incoming/article24624859.ece/BINARY/ 13 KB
14 KB 40ms
8ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624859.ece/BINARY/0_FunkyPigeon.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d654f4437df946fd29232af21c258842e88e5c9abf40e2637640c6f7dd8cd485

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 46728
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 1
content-length: 13504
x-served-by: nat-cache302.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:45:07 GMT
server: nginx
date: Thu, 23 Jun 2022 10:43:18 GMT
x-frame-options: SAMEORIGIN
x-varnish: 695927405 685050424
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 7gL00U9ALTlI75j1JEFmd-BVgxudeQtKNY6Foa5blT_XWLs51La7LQ==
expires: Fri, 24 Jun 2022 02:25:45 GMT

GET
H2 200 0_EE.png
i2-prod.mirror.co.uk/incoming/article24624842.ece/BINARY/ 3 KB
3 KB 40ms
8ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624842.ece/BINARY/0_EE.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

bfcf2ba331c9a489e9e9f479caa98139d5e70e605f54c46493253f116ac71655

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 49789
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 2954
x-served-by: nat-cache302.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:44:06 GMT
server: nginx
date: Thu, 23 Jun 2022 02:18:02 GMT
x-frame-options: SAMEORIGIN
x-varnish: 515279127
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: HpK6U2YUYGcVTCHe6DVw7TBqgKtcCiZKQqC63xI7VBR5nmhmlVopQQ==
expires: Thu, 23 Jun 2022 23:53:52 GMT

GET
H2 200 1_hnm.png
i2-prod.mirror.co.uk/incoming/article24624727.ece/BINARY/ 5 KB
5 KB 8ms
7ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624727.ece/BINARY/1_hnm.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

0feeb8209a515ab363034713abc6f13983e9d4c03738defc680aaf1433fd01bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 53647
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 2
content-length: 4650
x-served-by: nat-cache301.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:36:07 GMT
server: nginx
date: Thu, 23 Jun 2022 01:20:55 GMT
x-frame-options: SAMEORIGIN
x-varnish: 408650473 404325391
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: z9rfSSntu_nli1MquyX0rFU_JiMMh_LH56tNz4CG_uhpcEIYJIS-Vg==
expires: Fri, 24 Jun 2022 00:41:41 GMT

GET
H2 200 0_EBAY.png
i2-prod.mirror.co.uk/incoming/article24624774.ece/BINARY/ 2 KB
3 KB 8ms
8ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624774.ece/BINARY/0_EBAY.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5ec0f7ad86e6a384b60c59819dafa21fb1f6fff307e783a650d417d0cc9717e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 48060
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 2
content-length: 2378
x-served-by: nat-cache301.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:39:42 GMT
server: nginx
date: Thu, 23 Jun 2022 02:47:32 GMT
x-frame-options: SAMEORIGIN
x-varnish: 452231481 367368786
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: YyOrnBJHudtDF01ujmQ0cnvLRgFeJmD5QnEwZBeLCoiJfSmpOoyNJA==
expires: Fri, 24 Jun 2022 02:41:59 GMT

GET
H2 200 0_Dunelm.png
i2-prod.mirror.co.uk/incoming/article24624757.ece/BINARY/ 6 KB
6 KB 9ms
8ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624757.ece/BINARY/0_Dunelm.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

02adae7c235657dfdeb5520b509422650b5ef633dfb340ba65951ce2f3511e9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 30077
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 5655
x-served-by: nat-cache301.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:39:02 GMT
server: nginx
date: Thu, 23 Jun 2022 07:41:51 GMT
x-frame-options: SAMEORIGIN
x-varnish: 548539510
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GFdGVA4E80BmudeCIehHpR7njDSsk61BlS16wBNdVP0lcIiN6842VA==
expires: Fri, 24 Jun 2022 06:35:47 GMT

GET
H2 200 0_Dell.png
i2-prod.mirror.co.uk/incoming/article24624739.ece/BINARY/ 2 KB
3 KB 9ms
8ms Image
image/png 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article24624739.ece/BINARY/0_Dell.png

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

044f8d29fd7244c78aa8bd774859862e552d441e403ce76b037e6e7ceb4c9e12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cacheable: YES
age: 40990
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 4
content-length: 2337
x-served-by: nat-cache302.tm-aws.com
last-modified: Tue, 27 Jul 2021 09:36:53 GMT
server: nginx
date: Thu, 23 Jun 2022 05:02:22 GMT
x-frame-options: SAMEORIGIN
x-varnish: 657130230 588252883
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: AcjZU3oucGNlLP-_C6DwzDK8tAzxOJh1aqzhgaOHUN6wGwxRHQ1KFQ==
expires: Fri, 24 Jun 2022 03:37:30 GMT

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 958 B
1 KB 80ms
39ms XHR
application/json 52.31.146.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/services/pub?anId=925430&slot=%7Bid:div-gpt-ad-ad-mix-slot,ss:%5B1.1%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-ad-web-strip,ss:%5B4.4%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-top-slot,ss:%5B970.250,970.251,728.90,728.91%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-rh-slot,ss:%5B300.250,300.252%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-section-slot-1,ss:%5B970.250,970.256,728.96%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-section-slot-2,ss:%5B970.250,970.257,728.97%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-section-slot-3,ss:%5B970.250,970.258,728.90,728.98%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-bottom-slot,ss:%5B728.90,728.99%5D,p:/5293/dailystar.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-fpd,ss:%5B3.3%5D,p:/5293/dailystar.co.uk,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c8f3d4ad-7d9a-7208-8bd3-92194d5412b6&url=http%253A%252F%252Fdailystar.trem.media%252F
Requested by: Host: cdn.adsafeprotected.com
URL: http://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Server: 52.31.146.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-146-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 351961b87d26da1c6157d365a3b1f73dd5431b282b9a8566678981af988c1d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:59 GMT
X-Server-Name: app06.ie.303net.net
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: http://dailystar.trem.media
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
592 B 72ms
20ms Fetch
application/json 65.9.66.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-98.fra56.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:51:32 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age: 43887
x-amzn-requestid: 38ed45c3-f938-4258-8225-bcb91c030bcc
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62b3e344-700f0a021a172e564beba9c9;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA56-C1
x-amz-apigw-id: UKBysF6fDoEFraQ=
content-length: 28
x-amz-cf-id: D0hLbK24TMuattXR4jOuP2TcfwHPBx5cVwcnFEvfNULkO2cH7FB6Pw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
592 B 62ms
25ms Fetch
application/json 65.9.66.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-98.fra56.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 03:51:32 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age: 43887
x-amzn-requestid: 38ed45c3-f938-4258-8225-bcb91c030bcc
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62b3e344-700f0a021a172e564beba9c9;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA56-C1
x-amz-apigw-id: UKBysF6fDoEFraQ=
content-length: 28
x-amz-cf-id: 5boyiPslqtgJHxspWJpjTLleVpuG-9rXNQJCvnk8XjhaEJRl5nS00g==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 ads.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/ads/ 149 B
540 B 44ms
43ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/withnail/lib/ads/ads.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fce1c1379b8639497005980d599d8312f6194dd427b296a83d346de5b488750b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 17:51:54 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jun 2022 16:16:41 GMT
server: AmazonS3
age: 79866
etag: "8d3b0d305564b8ad5df4e96c59545e3e"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 149
x-amz-cf-id: Htx7h5l2-t833KG3vsb95wp8atCfxy5bP-E5ilzojlbtRqMcD5d0gg==

GET
H/1.1 200
OK / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 171 B
749 B 145ms
117ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=dailystar.trem.media&domain=dailystar.trem.media&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: HTTP/1.1
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e42c957df60f32f8eec6ed242a6ec03b463b4747fe1271d0c2e6ae44267e1d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:02:59 GMT
Content-Encoding: gzip
X-Cache-Hits: 0
Age: 0
X-Cache: MISS
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 129
X-Served-By: cache-mxp6921-MXP
Access-Control-Allow-Origin: *
X-Timer: S1656000180.540896,VS0,VE103
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Content-Type: application/json
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
Accept-Ranges: bytes
Expires: Tue, 21 Jun 2022 16:02:59 GMT

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 22 KB
8 KB 59ms
6ms Script
application/javascript 2600:9000:2057:2400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3dc307462e4228f050ff6258ad9d6bda21449461724c11d87af36a21573f1aef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: P3R.CknExjZUNb29SH5omgRgx_U8_fwM
content-encoding: br
last-modified: Mon, 20 Jun 2022 13:57:44 GMT
server: AmazonS3
age: 107
etag: W/"19dcfdd804fb22d6b48d84f5477e5c5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control: public,max-age=600,s-max-age=60
date: Thu, 23 Jun 2022 16:01:13 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 6oqrV5GOSjXX8n9z2TesaC0ekAydCCqx0tyhtTpZ5Sn44wpC4-JGow==

OPTIONS
H2 200 by-container-ids
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-74e153e394bb/content-containers/comment-count-and-status/ Frame 0
0 297ms
97ms Preflight 34.198.78.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-74e153e394bb/content-containers/comment-count-and-status/by-container-ids
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.78.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-78-204.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PUT,GET,PATCH,POST,DELETE
access-control-allow-origin: http://dailystar.trem.media
access-control-max-age: 43200
content-length: 0
date: Thu, 23 Jun 2022 16:02:59 GMT

POST
H2 200 by-container-ids Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-74e153e394bb/content-containers/comment-count-and-status/ 6 KB
711 B 99ms
98ms Fetch
application/json 34.198.78.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-74e153e394bb/content-containers/comment-count-and-status/by-container-ids
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/marwood/TM/js/section.min.js?v=86e69e5cb83ccc76f152e09611982a6f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.78.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-78-204.compute-1.amazonaws.com
Software: /
Resource Hash: 8762eea9e92be52825376151e2b1e6e144172f0d98d0eb62498886cbfe635f04

Request headers

Accept: application/json
Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: */*

Response headers

access-control-allow-origin: http://dailystar.trem.media
date: Thu, 23 Jun 2022 16:02:59 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
content-encoding: gzip
content-length: 529
content-type: application/json

GET
H2 200 1_JS270138825.jpg
i2-prod.dailystar.co.uk/incoming/article27312563.ece/ALTERNATES/s1176b/ 83 KB
83 KB 50ms
23ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27312563.ece/ALTERNATES/s1176b/1_JS270138825.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 251d46e021e4c60496293fe188fbec785cbb2af89abfd695966c74d94157a8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:59:28 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 211
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 84787
x-served-by: nat-cache301.tm-aws.com
last-modified: Thu, 23 Jun 2022 15:00:10 GMT
server: nginx
x-varnish: 822150226 822084447
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yzdh-t4V5ruDSZz3-5Ijgh2KmMWwOhAjS8lfkFEYfK7aqyJhj4gfLg==
x-cache-hits: 1

GET
H2 200 0_JS270038740_Main.jpg
i2-prod.dailystar.co.uk/incoming/article27306965.ece/ALTERNATES/s270b/ 14 KB
15 KB 43ms
16ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27306965.ece/ALTERNATES/s270b/0_JS270038740_Main.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b4c755132c3059a31345d54017a39e8f503d95bf4cb55a5a3b2eea3ee117b52f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 08:42:35 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 26424
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 14697
x-served-by: nat-cache301.tm-aws.com
last-modified: Thu, 23 Jun 2022 08:14:20 GMT
server: nginx
x-varnish: 612609619
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: FpPysPkRFQW_YhLA7N9pl0ETZ6LE6N3XwfHezJrR4sgRWuOe4Jr5Og==

GET
H2 200 0_heterosexual-couple-having-sex.jpg
i2-prod.mirror.co.uk/incoming/article27311394.ece/ALTERNATES/s270b/ 7 KB
8 KB 10ms
8ms Image
image/jpeg 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article27311394.ece/ALTERNATES/s270b/0_heterosexual-couple-having-sex.jpg

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

56c7b1df846f7f3c387d9d7eddc21e2cfbb9c0111d95a838e644ddddd32d0f22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
age: 5567
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 7285
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 13:37:10 GMT
server: nginx
date: Thu, 23 Jun 2022 14:30:12 GMT
x-frame-options: SAMEORIGIN
x-varnish: 915745088 943490529
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: YbD2Zj1dA49GJZsfQ-CqiiP3B_HYe7PBIWLruXge5ryVpAiUtQ-PPA==
x-cache-hits: 1

GET
H2 200 0_MAIN_STAR_GIRL.jpg
i2-prod.dailystar.co.uk/incoming/article27084021.ece/ALTERNATES/s270b/ 13 KB
13 KB 36ms
10ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27084021.ece/ALTERNATES/s270b/0_MAIN_STAR_GIRL.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 4a1c8ab4ca415a5d80cdb0cba251da480b3f8020d125009cb7f06acfa272d640

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 13:24:39 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 9500
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 13057
x-served-by: nat-cache301.tm-aws.com
last-modified: Fri, 27 May 2022 13:36:46 GMT
server: nginx
x-varnish: 756384620 757530842
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Pyxq1U9u4PCzUbkSrcFfkhR9p3EyDNVy1rMNJzrVDpFWmtpzVQdX7A==
x-cache-hits: 1

GET
H2 200 1_Screenshot-2022-06-23-at-155856.png
i2-prod.dailystar.co.uk/incoming/article27312572.ece/ALTERNATES/s270b/ 114 KB
115 KB 36ms
10ms Image
image/png 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27312572.ece/ALTERNATES/s270b/1_Screenshot-2022-06-23-at-155856.png
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 7e8794049f56d1019b1fb3625a0a02d1350902c1e1e353bdb79d75ced3114c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:05:37 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 3442
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 116915
x-served-by: nat-cache301.tm-aws.com
last-modified: Thu, 23 Jun 2022 15:00:39 GMT
server: nginx
x-varnish: 801931662 800588489
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: grVmoS8IaOUiNMh6T2Iqrt-RtQelsiE81xnllTib5jFQg5qFBd8FMA==
x-cache-hits: 1

GET
H2 200 3_JS270089057.jpg
i2-prod.dailystar.co.uk/incoming/article27306764.ece/ALTERNATES/s540/ 39 KB
39 KB 47ms
22ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27306764.ece/ALTERNATES/s540/3_JS270089057.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 8f647f7e843aa228b7900e0a52d6fd1d2e4a2ca9eb8ff12228a7bb867c6a1421

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 12:15:28 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 13651
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 39666
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 12:14:20 GMT
server: nginx
x-varnish: 855618112 877791001
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: VICXuRc7ge7zem9yCKAeQGnf2SDC6lLCvTEICq5E9J_oUhl4UfVeZQ==
x-cache-hits: 1

GET
H2 200 0_JS270133446.jpg
i2-prod.dailystar.co.uk/incoming/article27312284.ece/ALTERNATES/s458/ 28 KB
28 KB 43ms
17ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27312284.ece/ALTERNATES/s458/0_JS270133446.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 3a0f281d3fa7cabecedf233dd179db5d99a78614ef165f64204a2b115701b55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:16:19 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 2800
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 28385
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 14:42:29 GMT
server: nginx
x-varnish: 953392551
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: pmoO1hCwwtDS0SORN_ECO272LMsVATUru3gQ7m3RKPPACx-TNCWoAg==

GET
H2 200 0_Mum-shares-first-time-parent-problem-after-catching-babysitter-sleeping-on-the-job.jpg
i2-prod.dailystar.co.uk/incoming/article27307646.ece/ALTERNATES/s458/ 22 KB
23 KB 11ms
11ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27307646.ece/ALTERNATES/s458/0_Mum-shares-first-time-parent-problem-after-catching-babysitter-sleeping-on-the-job.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: dc23df356f0f56eb7d1b86f71e852b1a69133868e0a324f1908dc04b5888bac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 10:00:23 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 21756
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 22653
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 09:11:47 GMT
server: nginx
x-varnish: 810163485 815073325
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: OjfdjgzPoYdXQC_EfNZ6SA0UMgbc2P4U_M5_Hy2NMV-ci8TvMAWMuw==
x-cache-hits: 2

GET
H2 200 0_Asda-customers-forced-to-ask-staff-to-stop-scanning-food-mid-checkout.jpg
i2-prod.mirror.co.uk/incoming/article27310150.ece/ALTERNATES/s458/ 32 KB
33 KB 9ms
8ms Image
image/jpeg 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.mirror.co.uk/incoming/article27310150.ece/ALTERNATES/s458/0_Asda-customers-forced-to-ask-staff-to-stop-scanning-food-mid-checkout.jpg

Requested by

Host: dailystar.trem.media
URL: http://dailystar.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

879b0f220cd896e8c1faeb6706c88b74926410943384406132aa2788bae0a578

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
age: 12081
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 32984
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 12:07:16 GMT
server: nginx
date: Thu, 23 Jun 2022 12:41:38 GMT
x-frame-options: SAMEORIGIN
x-varnish: 888933590 896205073
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: oARZCbcmYCYkYoMqhKGSECujQy8gKaer19_Iyy9QCDrkbZ9XLlqmAg==
x-cache-hits: 2

GET
H2 200 1_tarted-wearing-glasses-so-men-are-less-intimidatedjpeg_Main.jpg
i2-prod.dailystar.co.uk/incoming/article27306769.ece/ALTERNATES/s458/ 30 KB
31 KB 11ms
10ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27306769.ece/ALTERNATES/s458/1_tarted-wearing-glasses-so-men-are-less-intimidatedjpeg_Main.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c5295a2a5eae1ba3e72e80669387cd3020e4f2c27a7e498c9bc7f3fc9998b3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 08:48:05 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 26094
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 30874
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 07:52:55 GMT
server: nginx
x-varnish: 791446267 790463457
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Q3G7shOyrTVKVEsP8lol_WB6-iS3HcrA9AKWrcylU4jmFH965GNzXQ==
x-cache-hits: 1

GET
H2 200 0_GMB.jpg
i2-prod.dailystar.co.uk/incoming/article27310815.ece/ALTERNATES/s458/ 24 KB
24 KB 10ms
10ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27310815.ece/ALTERNATES/s458/0_GMB.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: de3db77aae878d34bd1d735e2b61bbca80f52ca7f2f4b13cd0e0d716e0350ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:16:27 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 2792
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 24334
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 12:53:56 GMT
server: nginx
x-varnish: 957844131
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: YuqKG4FcvAH_8_qi88PnSLgLYyYHsLC2Klw_XkttB4xOEzZUUjO7Gw==

GET
H2 200 1_PAY-BANNER.jpg
i2-prod.dailystar.co.uk/incoming/article27312060.ece/ALTERNATES/s458/ 36 KB
36 KB 11ms
10ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27312060.ece/ALTERNATES/s458/1_PAY-BANNER.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: ae14da10bf8fb8a4ec2821435c4e3187deb551321fed1744bc9274b37af92685

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:38:42 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 5057
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 36738
x-served-by: nat-cache302.tm-aws.com
last-modified: Thu, 23 Jun 2022 14:35:32 GMT
server: nginx
x-varnish: 950305554
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: x4G8fkoy0qLYhNfyj7eaDxRP0TgYsG8EEIf7MsV6re3i2y7K7DttRg==

GET
H2 200 0_Britney-Spears.jpg
i2-prod.dailystar.co.uk/incoming/article27311656.ece/ALTERNATES/s458/ 31 KB
32 KB 12ms
11ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27311656.ece/ALTERNATES/s458/0_Britney-Spears.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 6b68f5155320d6a1028f864aed431881b37fc526e6786d00bfda51bd70586664

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:20:10 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 6169
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 32060
x-served-by: nat-cache301.tm-aws.com
last-modified: Thu, 23 Jun 2022 13:53:42 GMT
server: nginx
x-varnish: 772607958 780633737
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: HetEyviSemviFD8HME_rJWqLfiFKurnK4hx8OuDTvuSTF1l-fVidUg==
x-cache-hits: 1

GET
H2 200 0_PAY-Malin-Andersson.jpg
i2-prod.dailystar.co.uk/incoming/article27307672.ece/ALTERNATES/s458/ 29 KB
29 KB 11ms
11ms Image
image/jpeg 143.204.215.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailystar.co.uk/incoming/article27307672.ece/ALTERNATES/s458/0_PAY-Malin-Andersson.jpg
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: adc827aacbe4194e6313eaac434ecb6c643fa6d8cedc3c25a48af11388974b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 13:17:26 GMT
via: 1.1 varnish, 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 9933
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 29391
x-served-by: nat-cache301.tm-aws.com
last-modified: Thu, 23 Jun 2022 09:11:54 GMT
server: nginx
x-varnish: 755204842 752321784
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: EO3jTkBwOKlMq3gEf5JRZEvFCcY8JjQdbousbheslMWtSLiT0CkiaA==
x-cache-hits: 2

POST
H2 200 pageConfig Show response
felix.data.tm-awx.com/ 775 B
933 B 42ms
38ms XHR
application/json 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageConfig
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd8054ca19f986ccd51f0e5d4498239e466f2f3bc6a086fc0dd147667214179e

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 16:02:59 GMT
etag: W/"307-ZMnuO1iOpfWIfmRrXkpPXGkj4Y0"
content-length: 775
vary: Accept-Encoding
content-type: application/json; charset=utf-8

OPTIONS
H2 204 pageConfig
felix.data.tm-awx.com/ Frame 0
0 119ms
62ms Preflight 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageConfig
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 23 Jun 2022 16:02:59 GMT

GET
H3 200 pubads_impl_2022062101.js Show response
securepubads.g.doubleclick.net/gpt/ 372 KB
126 KB 21ms
6ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068173

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

b75b3b21ae775a45091f0e3bf542ad86aa9b243dc2d6548d85090c79a1ccf68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 13:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129096
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Jun 2023 13:43:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
80 B 30ms
15ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dailystar.trem.media

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

77d0b73e037a5f35f00ea8a670e9fa470b81b382216efdf1cf3f5020d84600b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
expires: Thu, 23 Jun 2022 16:02:59 GMT

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 221ms
215ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:03:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
X-Amz-Cf-Pop: FRA56-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 16 Jun 2022 07:15:00 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Content-Type: application/javascript
X-Amz-Cf-Id: VtbUrph5xL7w24BiDUrR6W9Mq5pxa0dKmwBc_6o5U5cGm3mQ28PIcw==

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 41ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

http://static.criteo.net/js/ld/publishertag.js

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-98293609095784.js

Protocol

HTTP/1.1

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
expires: Fri, 24 Jun 2022 16:02:59 GMT

GET rid
match.adsrvr.org/track/ 0
0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 45ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b4a1f1546748a61f0d710d015b5d547fb08e3b18ddbafe9ee36acbf6447c5464

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://dailystar.trem.media
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

OPTIONS
H2 204 consent
config.lrcontent.com/ciam/ Frame 0
0 91ms
53ms Preflight 2606:4700:10::ac43:835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/consent?apikey=415307d0-d73a-49d3-9958-1c42c71165ee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: http://dailystar.trem.media
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 71fe73834d772397-ZRH
date: Thu, 23 Jun 2022 16:02:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin

GET
H2 200 consent Show response
config.lrcontent.com/ciam/ 1 KB
640 B 41ms
41ms Fetch
application/json 2606:4700:10::ac43:835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/consent?apikey=415307d0-d73a-49d3-9958-1c42c71165ee
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/auth-ui/auth-ui.min.js?v=7b6f4a84cd7f8e521a7bc105c3addde6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 879faf9ce07be8f80ace620c4cc7642505a28ed35137cbd0e35cc22065f221e5

Request headers

Accept: application/json
Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: http://dailystar.trem.media
cache-control: max-age=7200
cf-ray: 71fe73839dea2397-ZRH

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 33ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B287MYQDTC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a15197a1cbd23883086fe64e28c5369335c5266f4a044cbc4af4f76c647e03ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70274
x-xss-protection: 0
expires: Thu, 23 Jun 2022 16:02:59 GMT

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 69 B
1 KB 114ms
77ms Script
application/javascript 99.86.4.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?d=dailystar.trem.media&t=home
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-92.fra6.r.cloudfront.net
Software: Kestrel /
Resource Hash: d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA6-C1
etag: ".dailystar.trem.media.home.208.2022062316"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: PEcx0tOeSZhcHIo7CCNm-C2ccvI_TcZ4LxXvk18pEYKCOjKVmwLS3Q==

GET
H/1.1 200
OK verify-2.0.1.min.js Show response
www.reachgeneric.co.uk/bad-ads-reporting-tool/js/AdVerification/ 140 KB
140 KB 36ms
7ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reachgeneric.co.uk/bad-ads-reporting-tool/js/AdVerification/verify-2.0.1.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca71b1bc796bcfb39ca0577c61934079447add2e82e52fc506de2a8d85e8b44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 09:37:32 GMT
Via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 12 Oct 2021 16:32:32 GMT
Server: AmazonS3
Age: 7021528
ETag: "27e23fb00d05c05a7e5604495582b2b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=7776000
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 143285
X-Amz-Cf-Id: jvx6CoMAcBJg7bFTQBatVIs4yg95YAyiZ42uin2AN75smNoawhuBGg==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4432
date: Thu, 23 Jun 2022 14:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 16:49:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1020045596&t=pageview&_s=1&cd=dailystar%3Ahome&dl=http%3A%2F%2Fdailystar.trem.media%2F&ul=en-us&de=UTF-8&dt=The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=false&_u=aODACEABBAAAAC~&jid=588413564&gjid=629879085&cid=1439911363.1656000179&tid=UA-110513849-54&_gid=941460338.1656000179&_r=1&gtm=2wg6f0M3TH25P&cg1=home&cd1=UHID%7C22%3A06%3A23%3A16%3A02%3A58%3A870_3bae994f-2266-452c-b11c-f9fa470769b3&cd3=prod&cd4=desktop&cd5=chameleon&cd7=dailystar&cd8=nationals&cd9=dailystar&cd10=home&cd23=desktop&cd27=web_dev_0.1&cd29=http%3A%2F%2Fdailystar.trem.media%2F&cd30=dailystar%3Ahome&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&cd34=not%20logged%20in&cd36=desktop&cd41=0&cd51=DL%20-%20Source%20Not%20Known&cd52=No%20Value%20In%20DL&cd68=GTM-M3TH25P&cd71=false&cd72=Nationals&cd74=home&cd79=iOS%20only&cd80=Not%20in%20Data%20Layer&cd81=(not%20set)&cd85=default-value%3Anot-defined&z=1731491910

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:02:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tag.min.js Show response
get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/
Redirect Chain

http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js

59 KB
18 KB

73ms
7ms

Script
text/javascript

65.9.66.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Server: 65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-74.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 581d3a625e9af7f423072c97ed940e38a08da586275ca088455775f62b63e021

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:11:01 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 15:41:16 GMT
server: AmazonS3
age: 75119
etag: W/"7b4652aae194ec2b6f409e851f56d675"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9KAT1veV1Iv5VFVNSeH1jpz86H.6H.7S
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
content-type: text/javascript
x-amz-cf-id: XsJLE8uvQpqPnXXEAybp2Qx6MNKVDUCRapnGfeou6q4ZDwtoS0Bo8A==

Redirect headers

Date: Thu, 23 Jun 2022 16:02:59 GMT
Via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: JV66cHRJ_DW_DY-5DgWkUtGSuHrw7Ao_3xWW1G5NnT04oPXOyoKTJw==

GET
H2 200 adsm.macro.7b4cd01e-58e4-4d3c-b14d-9c15d2911c60.js Show response
macro.adnami.io/macro/spec/ 32 KB
7 KB 61ms
26ms Script
application/javascript 2606:4700::6812:5ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://macro.adnami.io/macro/spec/adsm.macro.7b4cd01e-58e4-4d3c-b14d-9c15d2911c60.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647f147f524b70167e3673a009837c51be56f1bd6014a2de142660c24801fd9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: X2tMvdktObCwI7HNblNWBQ==
age: 2975
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 14:46:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c8e7652e-601e-000e-4234-7f8c2e000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71fe7383be152397-ZRH
expires: Thu, 23 Jun 2022 20:02:59 GMT

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 21 KB
8 KB 186ms
18ms Script
application/javascript 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: zJnj9IdW5bQWUqea2aMpKS.72qNKKrMo
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 06:40:58 GMT
server: AmazonS3
age: 44293
etag: W/"ca34304b059a43ff8e7d8cd71f2c58c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
date: Thu, 23 Jun 2022 03:44:50 GMT
x-amz-cf-pop: FRA56-C1
x-amz-request-id: 88JHF369QE5P2PH4
x-amz-cf-id: QHamj3-yjx7gzrqdY5Nq3kFk-h_W3CJRu6wXokwNCpriuAIpCUg_tg==
x-amz-id-2: vIVhOBMN3QrunD8VX2nny7rBrRv1kSr0O8xyx1jAUndZMg8OpNHagICgwVs3y0td0eRMNBSzDPA=

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 32ms
7ms Image
text/plain 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035737&ns__t=1656000179753&ns_c=UTF-8&c8=The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff&c7=http%3A%2F%2Fdailystar.trem.media%2F&c9=
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:02:59 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: SAZ1mNBP9ndhDfQS39lFFxf1bbQZwwZTR8gUuQfFaosTbSj1LaXIKA==
x-cache: Miss from cloudfront

POST
H2 200 9 Show response
upgulpinon.com/ 6 KB
3 KB 20ms
19ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/9?z=4843600&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdailystar.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=ec46b74c15dd46b1afa76bf564512420
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 87e5314ff5f855d6c7e2d0d8d7207633a3b7b8555a417ba4d267ffbf7a80f929

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 899100dc02bda78bbf856eb77fe56c59
pragma: no-cache
date: Thu, 23 Jun 2022 16:02:59 GMT
content-encoding: gzip
x-sc: TWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: http://dailystar.trem.media
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
upgulpinon.com/ Frame 0
0 38ms
12ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/9?z=4843600&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdailystar.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=ec46b74c15dd46b1afa76bf564512420
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Thu, 23 Jun 2022 16:02:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
15 KB 6ms
6ms Script
application/x-javascript 2600:9000:2057:6400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 474206bc3afbd887970bf29b9c35a637fa1875fe2dd6e55c1a67c2791bcad01c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:58:39 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 02:47:31 GMT
server: nginx
age: 3860
etag: W/"62abeb43-9088"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dIYiXsdgzZVeVqPZ-dSv9HoDEyPF12YGDB8duAp5VgnOOSZMLdOdkA==
expires: Thu, 23 Jun 2022 16:58:39 GMT

POST
H2 204 pageview Show response
felix.data.tm-awx.com/ 0
57 B 30ms
30ms XHR
text/plain 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageview
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 16:02:59 GMT

POST
H2 404 v2 Show response
api.viafoura.co/v2/dailystar.trem.media/bootstrap/ 138 B
568 B 301ms
99ms Fetch
application/json 2600:1f18:44f0:4864:da45:4818:d48e:3ab0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/dailystar.trem.media/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4864:da45:4818:d48e:3ab0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0e396c44938ac792546ac6681c44921a2f64c28e51fe363ddfa43ade287152c4

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-instance-id: i-0d678a0ce6705d9c4

GET
H2 200 11 Show response
upgulpinon.com/ 0
563 B 17ms
16ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=1773259204&z=4843600&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60=&ruid=c40799e2-6372-412a-9b48-0f155759e9bb&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdailystar.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ot=102
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailystar.trem.media/
X-Sc: TWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 08a8b7bba5ebb8c0245d2794cbc19ed2
pragma: no-cache
date: Thu, 23 Jun 2022 16:02:59 GMT
x-sc
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: http://dailystar.trem.media
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame 3D53 21 KB
6 KB 86ms
52ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.25
Resource Hash: cf80e14911412fe32030d032d116636d21c0d249c64e6e57c87568c3cb465f69

Request headers

Referer: http://dailystar.trem.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Jun 2022 16:02:59 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.25

OPTIONS
H2 204 pageview
felix.data.tm-awx.com/ Frame 0
0 29ms
29ms Preflight 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 23 Jun 2022 16:02:59 GMT

OPTIONS
H2 204 11
upgulpinon.com/ Frame 0
0 14ms
14ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=1773259204&z=4843600&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60=&ruid=c40799e2-6372-412a-9b48-0f155759e9bb&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdailystar.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ot=102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Thu, 23 Jun 2022 16:02:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 40ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B287MYQDTC&gtm=2oe6f0&_p=1020045596&_z=ccd.v9B&cid=1439911363.1656000179&ul=en-us&sr=1600x1200&_s=1&sid=1656000179&sct=1&seg=0&dl=http%3A%2F%2Fdailystar.trem.media%2F&dt=The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B287MYQDTC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:02:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
958 B 447ms
421ms Fetch
application/json 99.86.4.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-117.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront), 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA6-C1
x-amzn-requestid: e52270b0-053b-4fb3-8120-baaa4806ba0e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: ULs8NHtCCYcFUsg=
content-length: 555
x-amz-cf-id: FbfjRdbzPttE__lamUXnJOuz_yVgs0MQxiEwo4Dk-vnqmzLlhft2gA==

GET
H/1.1 200
OK reach-beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 57ms
8ms Script
application/javascript 143.204.215.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://signal-beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 143.204.215.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-76.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a33ef9c853607ed85c0aa618ccd964f19a97352f4684c7c3bb3e2c81565bea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: rz6j6ePceWk3KL3U4JK8EG2zo6Qy2SPx
Content-Encoding: gzip
ETag: W/"85c473e51d7c40a527a1bf33a5c16fe2"
Age: 432
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Apr 2022 09:54:42 GMT
Server: AmazonS3
Date: Thu, 23 Jun 2022 15:55:48 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 3F27XUUQnDQlPhZke49bHL6VXVgD0E6dg747PpFoULI_oU13E7w3AQ==

GET
H2 200 mirrorcouk.min.js Show response
global.proper.io/ 19 KB
6 KB 85ms
32ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/mirrorcouk.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950741fc258dd3fd7633ab26cfd76a18ddddc5e83f0591c3f57991cd32275156

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 13:02:07 GMT
server: cloudflare
age: 1911650
etag: W/"6297634f-4aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 71fe73853b550200-ZRH
expires: Thu, 23 Jun 2022 16:08:00 GMT

GET
H2 404 %2F Show response
signal-segments.s-onetag.com/desktop/dailystar.trem.media/ 0
452 B 217ms
184ms Fetch
application/json 65.9.66.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/dailystar.trem.media/%2F
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-58.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront), 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5, FRA56-C1
x-amzn-requestid: 9730d5c1-32e6-424d-af1c-b2e4881ea40a
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-62b48eb4-26d20a842b056828508e7cf4;Sampled=0
x-amz-apigw-id: ULs8LFE8CYcFnLg=
content-length: 0
x-amz-cf-id: oZrJ-NIsarwFfLhqivFGoi08a_XHgigKTF3W4BUw9nJxkZQYFKKBCA==

GET
H2 404 dailystar.trem.media Show response
signal-segments.s-onetag.com/desktop/ 0
460 B 43ms
11ms Fetch
application/json 65.9.66.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/dailystar.trem.media
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-58.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:58:59 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront), 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
age: 241
x-amzn-requestid: 7826c821-087e-4545-a59b-bbae1c239993
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-62b48dc3-41011a0f3c70b7180664526d;Sampled=0
x-amz-cf-pop: FRA56-P5, FRA56-C1
x-amz-apigw-id: ULsWmHjiCYcF-CA=
content-length: 0
x-amz-cf-id: 3cqmYwNsjS4S2LIxHr5FwFpXyOYdrtOTVqc_GZG44SWT7yblBd1m7g==

GET
H2 200 adsm.macro.rmb.js Show response
macro.adnami.io/macro/gen/ 83 KB
22 KB 30ms
30ms Script
application/javascript 2606:4700::6812:5ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by: Host: macro.adnami.io
URL: https://macro.adnami.io/macro/spec/adsm.macro.7b4cd01e-58e4-4d3c-b14d-9c15d2911c60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7513a1f725012c714cc6212cd9b4f8eed8e67cee8e5cd722ae1d5c8c2c628cb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6q4OfC8Q7MhC0OsE8H+wOg==
age: 6711
x-ms-lease-status: unlocked
last-modified: Wed, 15 Jun 2022 10:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a659155-401e-003b-219f-80227b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71fe7384e8182397-ZRH
expires: Thu, 23 Jun 2022 20:02:59 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 198ms
97ms Image
image/gif 3.219.107.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=dailystar.trem.media&p=%2F&u=BMBw4zD5lJbBD8cf76&d=dailystar.trem.media&g=33715&g0=home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=20792&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3960&t=C5Szf5q7qGsB1WsVzDb-_k7NfdCp&V=134&i=The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff&tz=0&sn=1&sv=BYB3o0BimvpRBrfAm_DZ9msThGJgQ&sd=1&im=043b2ff3&_
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: HTTP/1.1
Server: 3.219.107.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-107-219.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 16:03:00 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 subscriptions.js Show response
static.chartbeat.com/js/ 32 KB
11 KB 6ms
6ms Script
application/x-javascript 2600:9000:2057:6400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/subscriptions.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:34:18 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 02:15:58 GMT
server: nginx
age: 5321
etag: W/"62981d5e-81f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: D00z6455LK07NIpxpIJlVbczvDDfT6I_O0P4BSZgHkvCsllLlss27w==
expires: Thu, 23 Jun 2022 16:34:18 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 99ms
59ms Script
application/javascript 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6662811ee02cbc81b948b00e6b059179542b85e0339c2f12adbdec359da94b79

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-htHWiqFILGpquDN5PiSarg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-htHWiqFILGpquDN5PiSarg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 23 Jun 2022 16:03:00 GMT

GET
H2 200 fv.js Show response
unphionetor.com/ Frame 3D53 5 KB
3 KB 125ms
90ms Script
text/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/fv.js?t=72747&cb=2029682709

Requested by

Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: e1fb0b8f6a100359925c86aeaf1ded21
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 3D53 12 KB
3 KB 74ms
34ms Stylesheet
text/css 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 6002
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: W/"62b05935-30c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 71fe73857fe8cc42-ZRH
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 3D53 3 KB
3 KB 28ms
27ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
cf-cache-status: HIT
age: 3827
content-length: 3429
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: "62b05935-d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 71fe7385d84ccc42-ZRH
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 3D53 52 KB
53 KB 24ms
23ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 3D53 14 KB
15 KB 36ms
35ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 3D53 35 KB
35 KB 35ms
35ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 3D53 49 KB
50 KB 45ms
45ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 3D53 28 KB
28 KB 24ms
24ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
cf-cache-status: HIT
age: 5180
content-length: 28527
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: "62b05935-6f6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 71fe73860891cc42-ZRH
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 3D53 1 KB
562 B 22ms
22ms Script
application/javascript 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D4091162866%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc40799e2-6372-412a-9b48-0f155759e9bb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fdailystar.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DTWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5180
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: W/"62b05935-58b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 71fe7385b823cc42-ZRH
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
959 B 374ms
373ms Fetch
application/json 99.86.4.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: http://signal-beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-117.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront), 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA6-C1
x-amzn-requestid: e52270b0-053b-4fb3-8120-baaa4806ba0e
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: ULs8NHtCCYcFUsg=
content-length: 555
x-amz-cf-id: rP-Y9vZCzxYqUmlyml8-JWteenhvNtBkmT7QD8Ivx_Vp4dm5EvkNRg==

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 518 KB
128 KB 43ms
42ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004f5032634a668de76e588c87a95720ef2fa7c3964dcbe80206c490925e497d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jun 2022 21:54:31 GMT
server: cloudflare
age: 1272959
etag: W/"62a11a97-819a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 71fe73856bbc0200-ZRH
expires: Thu, 23 Jun 2022 16:08:00 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 206ms
195ms Image
image/gif 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=3.3468192778990282
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: FZRYKYV6NGR3NQ8Q
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71fe73857be80200-ZRH
content-length: 842
x-amz-id-2: kmYvMTSSK51qHal7eHElMQv4kpYAHoEuhxDN8jiXTrJMmEfGkiUFeqntK3IydkulNxDwobAVZoo=
expires: Thu, 23 Jun 2022 20:03:00 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
983 B 213ms
203ms Image
image/gif 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=3.3468192778990282
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: FZRQJ8S1SXH581KT
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71fe73857be40200-ZRH
content-length: 842
x-amz-id-2: kdDjqJ2UQQz8/XfJ9H21VfjjUR1IfMm1DcmduGNsCwKFw0IDBKWvbmmIUSkeFF9ayfjg+F/ZWbQ=
expires: Thu, 23 Jun 2022 20:03:00 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 43ms
10ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:03:00 GMT
Content-Encoding: gzip
Etag: "u2JtyZzqnTXwzBUswy2r+w=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Thu, 30 Jun 2022 16:03:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
938 B 65ms
23ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1393388
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIKnKY3dah8mie6HtCjW8FpMDnD%2BU8rO9bFqNcSrcPepR1U3BH7Ny8zrHpZGkFPhxJ0FODgzxT9PyIobgGumG1HAWF8hVsJBr0jrMQldDtOqHXeOeYDDEVhGfpWvXjG8f5F6p9OKqP4UIvet"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71fe738649173751-MXP

GET
H2 204 vctx Show response
unphionetor.com/ Frame 3D53 0
494 B 25ms
24ms XHR
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vctx?t=72747

Requested by

Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=72747&cb=2029682709

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 1366c723dd97271f6de3f8dda29769d0
pragma: no-cache
date: Thu, 23 Jun 2022 16:03:00 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interstitial-08.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-000000000000/ 36 B
226 B 303ms
102ms Fetch
application/json 52.72.67.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-000000000000/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-67-212.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: http://dailystar.trem.media
date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 59
content-type: application/json; charset=utf-8

GET
H2

200

rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js

3 KB
2 KB

21ms
6ms

Script
application/javascript

2600:9000:206f:c200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: dailystar.trem.media
URL: http://dailystar.trem.media/
Protocol: H2
Server: 2600:9000:206f:c200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:55:51 GMT
content-encoding: gzip
age: 430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 22:03:49 GMT
server: AmazonS3
etag: W/"ebff52074a206856b4f1993710373d93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Q76nNZODzOnHaUz90D8gAlDvYHQ9LL8BH-wd5DjfdiIMYtfQxeMAAw==

Redirect headers

Date: Thu, 23 Jun 2022 16:03:00 GMT
Via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: vPBgqUHnI_iqhwWzgqVBm0_i6xjrDNP2CKcFSU8L3q27q8jLaL5xCg==

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 98ms
81ms Stylesheet
text/css 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7q7YYR-c4ohjMeWOaFmCwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7q7YYR-c4ohjMeWOaFmCwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 23 Jun 2022 16:03:00 GMT

POST
H2 204 vbl
unphionetor.com/ Frame 3D53 0
494 B 15ms
14ms Ping
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

Requested by

Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=72747&cb=2029682709

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 93c2592c05185f4f720a2589b2457e76
pragma: no-cache
date: Thu, 23 Jun 2022 16:03:00 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interstitial-08.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 122ms
85ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx6652690fc3d34d3ba33e3-0062b3526b
cf-ray: 71fe7386acef83a6-MXP
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: tx6652690fc3d34d3ba33e3-0062b3526b
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3n10RjmXQPID2CJDZRi94xh3uTH889e2oIZ6WudQcWkq2DC9XHdW%2B%2FimOH6TK83ZB%2BEGKKrF6sAayFRbe2JkkZ7lYKaec2dVpBe3qhZIckkwrFakw7OMfJM%2Fut0%2F7HwIAdPbvrWAiRMborz"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1652176651393042
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

OPTIONS
H2 204 11
upgulpinon.com/ Frame 0
0 12ms
12ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=1773259204&z=4843600&b=5362695&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60=&ruid=c40799e2-6372-412a-9b48-0f155759e9bb&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdailystar.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Thu, 23 Jun 2022 16:03:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
upgulpinon.com/ 0
700 B 22ms
22ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=1773259204&z=4843600&b=5362695&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=66Wp_arqDgL6SVxn2KmgmsOTuwK8om-kps7xK05xCKVcw1jP0_PcR6J0l3aFo13T14PI8f3ErfsUrAWw5jxMgTzYrDGVa_jZiSBGkKZ1qEPgIEiXbtyzHIbL9kC-Lp3GYAFEFVlqfcIODY7gOtLbR006CRxaMIJfY-COHtBxityMGdF2zQ1UbJ-AffmxE99bYAHMvq8BimTtOmpTfSsqOI8w-AwmW6FJVf7DeqXeNDO7Q_LxP6uuep9OJC_gwGPivGGOWhQfZCuyDjRZPeiDt6ebH60=&ruid=c40799e2-6372-412a-9b48-0f155759e9bb&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdailystar.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailystar.trem.media/
X-Sc: TWugaqGp2ELaR85UUAZolsHmR4ZcC0DDRJK0ABTg2tmTf650SHiww6qyhAmdC8pUDj5uFYORs9vicLtyYJfUjXdHcFQ=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 76220a50fd09ef2200eced93c3ee0fcf
pragma: no-cache
date: Thu, 23 Jun 2022 16:03:00 GMT
x-sc
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: http://dailystar.trem.media
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3D53 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 75ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015440420724022033189%3Anff4gt9ffko

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1f4b9d79a040fd09cf3b3c10cf3a19729cbeceb665b4b838f71619c753c1b26a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3551
x-xss-protection: 0
server: gws
expires: Thu, 23 Jun 2022 16:03:00 GMT

GET
H3 403 status Show response
accounts.google.com/gsi/ 37 B
92 B 158ms
157ms XHR
application/json 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=187665714343-2h7ck06gs6b6d5kd87dm1ofr74njsu7i.apps.googleusercontent.com&as=ONGFkz0mEob8%2Bn4S7imBnQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b4b7e1955ce9699c60ef4f702b7eb87655cffd3fa872cda7c42a8c547aaf366

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-scZi97nnkkUxTcFiI9ZtWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://dailystar.trem.media
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-scZi97nnkkUxTcFiI9ZtWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tmg-network/ 1 MB
69 KB 27ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 645c281079bca7cbd33f35fddb5f5d8d98420817cc02822983061a10c3a20600

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: uLH.o04nI4WiWfY6OpvjWmwE.VX5inO7
content-encoding: gzip
etag: "b53f8aab0dd7d467406cf466191126cc"
age: 22896
x-cache: HIT
content-length: 69785
x-amz-id-2: Ezq8Hz89rjGWqLpfyE9CwzUUv/g3ZYq4VUKLVemGyKnfCWGPUi4X5dtZHjcSBgX7HIWlZJKdA6s=
x-served-by: cache-hhn4020-HHN
last-modified: Thu, 23 Jun 2022 09:41:12 GMT
server: AmazonS3
x-timer: S1656000180.332919,VS0,VE0
date: Thu, 23 Jun 2022 16:03:00 GMT
vary: Accept-Encoding
x-amz-request-id: HFY9C9DBRA8AXXAY
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 59
x-cache-hits: 83

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035737/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

6ms
6ms

Script
application/javascript

99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:41:43 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: ECWYYiHay0QWpuf6v3fyTQw99HnIn6Zr30J6FnzetenyNdZMSF2oLw==

Redirect headers

location: /internal-c2/default/cs.js
date: Thu, 23 Jun 2022 16:03:00 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: UTjacBGlRoi031APVeuuXas6w-42xBs6ZHujmew7XFTHzFXu5GGhkg==
x-cache: Miss from cloudfront

OPTIONS
H2 204 batch
felix.data.tm-awx.com/ Frame 0
0 29ms
29ms Preflight 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 23 Jun 2022 16:03:00 GMT

POST batch
felix.data.tm-awx.com/ 0
0

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/3e1664f444e6eb06/ 303 KB
100 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 20:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102672
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 21 Jun 2023 20:18:10 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 41 KB
9 KB 33ms
13ms Stylesheet
text/css 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 21 Jun 2023 20:35:02 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 23 Jun 2022 16:11:48 GMT

GET
H2 200 impl.20220623-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 668 KB
138 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a4fe930bedb0e3d98f2503da5eab788268c8d643caa9bee196e2bbfbc22f3cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 9sBPTnzAQbZkbYMI4LyXJLf4JmOVjTj3
content-encoding: br
etag: "3646cb395f6a3ba852cd69e58e1c3757"
age: 26663
x-cache: HIT
content-length: 141197
x-amz-id-2: Le0RI7lcdP6s+Rz4SwDmFhi+DpCTcw3P6HhZeOCWw0QaDdml4Q3lAV9IfRm6sH8EWUMjtegPL3Q=
x-served-by: cache-hhn4020-HHN
last-modified: Thu, 23 Jun 2022 08:01:34 GMT
server: AmazonS3-br
x-timer: S1656000180.462140,VS0,VE0
date: Thu, 23 Jun 2022 16:03:00 GMT
vary: Accept-Encoding
x-amz-request-id: TR3B9N1B0BBHWYVM
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 84
x-cache-hits: 17373

POST /
mydmp.exelator.com/on-site-tag-load/ 0
0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab992bf6b5fcae6932e2cc00a43c3dd359e35def6594319c2ea036b14844fcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:03:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "15674369592883648275"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Thu, 23 Jun 2022 16:03:00 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 24ms
7ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 08:44:59 GMT
x-content-type-options: nosniff
age: 112681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 22 Jun 2023 08:44:59 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 31ms
5ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Protocol: HTTP/1.1
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:03:00 GMT
Content-Length: 0

GET
H2 200 ingest
i.viafoura.co/v3/dailystar.trem.media/ 67 B
324 B 104ms
97ms Image
image/png 52.72.67.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/dailystar.trem.media/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22dailystar.trem.media%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1656000180%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%220906d7ab-75b3-4c5c-8f5e-b27d76e3447b%22%2C%22firstVisit%22%3A1656000180%2C%22previousVisit%22%3A1656000180%2C%22currentVisit%22%3A1656000180%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1656000180%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22dailystar.trem.media%22%2C%22pageImage%22%3A%22%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22http%3A%2F%2Fdailystar.secsportz.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff%22%2C%22page_type%22%3A%22section%22%2C%22page_description%22%3A%22All%20the%20best%20news%20stories%2C%20sport%20%26%20showbiz%20from%20the%20Daily%20Star%2C%20the%20top%20destination%20for%20big%20laughs.%22%2C%22topics%22%3A%5B%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22The%20Daily%20Star%3A%20Home%20of%20Fun%20Stuff%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%223df9bca2-7284-4976-98e2-1f2279f0d4c0%22%2C%22w%22%3A%5B%22vf-tray-trigger%22%5D%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-67-212.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
626 B 34ms
7ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e63675561ebcebc22c6d91aa8acad00da6d6d010856159f7aac5a39c52f2c911

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://dailystar.trem.media
date: Thu, 23 Jun 2022 16:03:00 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 642ms
156ms XHR
application/octet-stream 100.20.195.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.195.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-195-132.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 23 Jun 2022 16:03:01 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 log
onsite-tag-logs.apps.nielsen.com/ 0
264 B 313ms
101ms Ping
application/octet-stream 34.192.95.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite-tag-logs.apps.nielsen.com/log
Requested by: Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.95.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-95-221.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 23 Jun 2022 16:03:00 GMT
server: nginx/1.16.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AF8F 15 KB
6 KB 52ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dailystar.trem.media

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://dailystar.trem.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 16:03:00 GMT
server-processing-duration-in-ticks: 2472
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame AF8F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=trem.media&sn=ChromeSyncframe&so=0&topUrl=dailystar.trem.media&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Sv4v5nxRclJjUDhmellpMG8vL0tLbDY2dUNSci9PVXJZUVl1OFQ2VTZhVE04QUgyRUNZaDBJeW9TMzhmQ3k0MndiUUlJRytRbUwxU3M3TGMxSnduOWs4ZlB0cVlPSXdURURzSTVjTkRPQktSMjFvRlVYenNoMUxVNTR3YT...

446 B
638 B

69ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Sv4v5nxRclJjUDhmellpMG8vL0tLbDY2dUNSci9PVXJZUVl1OFQ2VTZhVE04QUgyRUNZaDBJeW9TMzhmQ3k0MndiUUlJRytRbUwxU3M3TGMxSnduOWs4ZlB0cVlPSXdURURzSTVjTkRPQktSMjFvRlVYenNoMUxVNTR3YTI3RHdYODZDbEFtYVkzMHY0SEhRMTF3ZXFaakg0RjNpVy9FbFhrK3FzRkhZS1B6M3d3ZGJ1RnZ2bzFxaUgwcWszVy81SFZwZGlub0pvV2RoNlNrdExvZ2Z1emw3dngzTjl1NUJEZG4yRXNsL1djU0FCTWFaZWlFZHNGbHlDdTI3cmdlMHR2eklzNTJ0b21hbGVZWWJCdFZuY0hxZ0R5dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0daf0d545609c28c386def78e4b2acb8c9d994c37e9b0f919f719fc85aceb74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:03:00 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5214
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:03:00 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Sv4v5nxRclJjUDhmellpMG8vL0tLbDY2dUNSci9PVXJZUVl1OFQ2VTZhVE04QUgyRUNZaDBJeW9TMzhmQ3k0MndiUUlJRytRbUwxU3M3TGMxSnduOWs4ZlB0cVlPSXdURURzSTVjTkRPQktSMjFvRlVYenNoMUxVNTR3YTI3RHdYODZDbEFtYVkzMHY0SEhRMTF3ZXFaakg0RjNpVy9FbFhrK3FzRkhZS1B6M3d3ZGJ1RnZ2bzFxaUgwcWszVy81SFZwZGlub0pvV2RoNlNrdExvZ2Z1emw3dngzTjl1NUJEZG4yRXNsL1djU0FCTWFaZWlFZHNGbHlDdTI3cmdlMHR2eklzNTJ0b21hbGVZWWJCdFZuY0hxZ0R5dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1689
content-length: 541
expires: 0

POST
H2 204 batch Show response
felix.data.tm-awx.com/ 0
57 B 33ms
31ms XHR
text/plain 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailystar.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 16:03:01 GMT

OPTIONS
H2 204 batch
felix.data.tm-awx.com/ Frame 0
0 30ms
30ms Preflight 63.32.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://dailystar.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 23 Jun 2022 16:03:01 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 97ms
97ms Image
image/gif 3.219.107.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=dailystar.trem.media&p=%2F&u=BMBw4zD5lJbBD8cf76&d=dailystar.trem.media&g=33715&g0=home&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=20792&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=3960&t=C5Szf5q7qGsB1WsVzDb-_k7NfdCp&V=134&tz=0&_acct=anon&sn=2&sv=BYB3o0BimvpRBrfAm_DZ9msThGJgQ&sd=1&im=043b2ff3&_
Protocol: HTTP/1.1
Server: 3.219.107.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-107-219.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 16:03:01 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 pull.js Show response
s2-prod.dailystar.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/ 3 KB
2 KB 6ms
6ms Script
application/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/pull.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da419ff498c7bf7e67fa787df3c8d4d41eb6eb3eb08d1425367f97658fc779db

Request headers

Referer: http://dailystar.trem.media/
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 04:07:35 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 09:58:28 GMT
server: AmazonS3
age: 42930
etag: W/"d31ca542a1dd6489e4677b90a30d1585"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jLVhsema1HTCRgWNtmL2u2RrSya99F7O14_KXhpbbfLJRw2o5V5gLw==
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)

GET
H2 200 style.css
s2-prod.dailystar.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/ 2 KB
1 KB 6ms
6ms Stylesheet
text/css 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/style.css
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/18a22362c0f4744c0bbbf2743e56a0b97a29779b2a95e25d0473ce31d4f6c082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 814c152f43a797e7b4de80f579f6e95a89f9ac32d4ad3eb0eb84a1293833dbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 01:03:37 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 09:58:28 GMT
server: AmazonS3
age: 54050
etag: W/"ab102a71f8eb762173c7d1b902847b31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: b-2m6MfotMhiY43i54eaecq4p62sankI8WalLMddiD1stXNsNtKQgA==
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)

GET
H/1.1 404
Not Found data.js
dailystar.trem.media/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/ 548 B
739 B 42ms
42ms Other
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://dailystar.trem.media/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/data.js
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dailystar.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:03:03 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 SignikaNegative-Bold.woff2
s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 12 KB
12 KB 32ms
32ms Font
binary/octet-stream 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/SignikaNegative-Bold.woff2
Requested by: Host: s2-prod.dailystar.co.uk
URL: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e

Request headers

Referer: https://s2-prod.dailystar.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/style.css
Origin: http://dailystar.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:34:38 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:53 GMT
server: AmazonS3
age: 70106
etag: "0878f337da5ac933819c3eaf691db0a5"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 12272
x-amz-cf-id: iLll1q_NuWORAHNgub-9CzF5ZFOsZoCm3pWG9IY9NdyQFoNttklg8A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187594&gdpr=1

Domain: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/batch

Domain: mydmp.exelator.com
URL: https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
upgulpinon.com/42	1970-01-20 12:45:36	Name: scm Value: 1
upgulpinon.com/42	1970-01-20 12:45:36	Name: OAID Value: 7a77304ace894fafb7df51d1fc1d7634
upgulpinon.com/42	1970-01-20 12:45:36	Name: oaidts Value: 1656000178
dailystar.trem.media/	1969-12-31 23:59:59	Name: GS_RESTRICT Value: 0
.cdn-server.top/	1970-01-20 04:43:48	Name: yxpi Value: d41d8cd98f00b204e9800998ecf8427e
.trem.media/	1970-01-20 04:01:26	Name: _gid Value: GA1.2.941460338.1656000179
.trem.media/	1970-01-20 04:00:00	Name: _gat Value: 1
.stmg-prod.mirror.co.uk/	1970-01-20 21:31:12	Name: _ga Value: GA1.4.1439911363.1656000179
.trem.media/	1970-01-20 06:09:36	Name: _gcl_au Value: 1.1.274184749.1656000180
my.rtmark.net/	1970-01-20 12:45:36	Name: ID Value: ec46b74c15dd46b1afa76bf564512420
.trem.media/	1970-01-20 04:00:00	Name: _gat_UA-110513849-54 Value: 1
dailystar.trem.media/	1970-01-20 04:01:26	Name: _lr_geo_location Value: DE
uk-script.dotmetrics.net/	1970-01-20 04:10:04	Name: AWSALBCORS Value: dTWyJ/QUG3xBs++j9UdpbUdPXglXfozecY0P1VKCzLGKEENH82D/OjWzX0wgxA5r6HiENGxJVfhFH8nVQQkaoqPifdn5EwLNYs35XA6GMjY5Aa2/VTtdvgBnicu9
.dotmetrics.net/	1970-01-20 12:45:36	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 12:45:36	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=cfdfbe0c-d20b-4e66-8bce-b418badad30f&Created=06/23/2022 16:02:59&UserMode=0&guid=21ce45a4-312a-4d25-86be-43641d705099&ver=1
upgulpinon.com/	1970-01-20 12:45:36	Name: scm Value: 1
upgulpinon.com/	1970-01-20 12:45:36	Name: OAID Value: ec46b74c15dd46b1afa76bf564512420
upgulpinon.com/	1970-01-20 12:45:36	Name: oaidts Value: 1656000179
.trem.media/	1970-01-20 21:31:12	Name: _ga_B287MYQDTC Value: GS1.1.1656000179.1.0.1656000179.0
.trem.media/	1970-01-20 21:31:12	Name: _ga Value: GA1.1.1439911363.1656000179
.trem.media/	1970-01-20 13:28:48	Name: _cb Value: BMBw4zD5lJbBD8cf76
.trem.media/	1970-01-20 13:28:48	Name: _chartbeat2 Value: .1656000179984.1656000179984.1.BYB3o0BimvpRBrfAm_DZ9msThGJgQ.1
.trem.media/	1970-01-20 04:00:01	Name: _cb_svref Value: null
.proper.io/	1970-01-20 04:00:01	Name: __cf_bm Value: hpNAns7Ov7BwEzKV.GgB1IPPPSBZ480Vt7iSqwPGD4g-1656000180-0-AZ8jzeuR8jK06AePrDXBBmH3xsnO63JEGTEoJ1FyPfvus9iIM0s0l1Ql+ZCGaGVbqiaHz/Njo9OVIpAxfFF7dHqv+uKZBUISq4rJ1Tvv02SW
upgulpinon.com/	1970-01-20 12:45:36	Name: oaidvc Value: 1
upgulpinon.com/	1970-01-20 04:00:03	Name: CNT Value: 1_v1_B9RRAAEAAADeSgAA
dailystar.trem.media/	1970-01-20 04:00:01	Name: _vfb Value: dailystar%2Etrem%2Emedia..1.10.1656000180....
dailystar.trem.media/	1970-01-20 12:45:36	Name: _vfa Value: dailystar%2Etrem%2Emedia..0906d7ab-75b3-4c5c-8f5e-b27d76e3447b.1656000180.1656000180.1656000180.1
dailystar.trem.media/	1970-01-20 04:00:00	Name: _vfz Value: dailystar%2Etrem%2Emedia..1656000180.1.medium=direct\|source=\|sharer_uuid=\|terms=
.viafoura.co/	1970-01-20 12:45:36	Name: vfDeviceId Value: 0ed08c6d-dccb-4334-b47f-3028aa6c00e9
dailystar.trem.media/	1970-01-20 04:00:03	Name: _lr_retry_request Value: true
dailystar.trem.media/	1970-01-20 04:43:12	Name: _lr_env_src_ats Value: false
.dailystar.trem.media/	1970-01-20 04:00:01	Name: properSessionData Value: eyJ1dWlkIjoiYzIyZGJlZWEtOTY3NC00OTRlLTgzMmItMDY1OTUzZjk4NDExIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjAsImxhc3RfdGhyZXNob2xkIjowfQ==
.criteo.com/	1970-01-20 13:21:36	Name: uid Value: f629f300-5c1d-4b6a-8c16-0a8ce2cd9c05
.trem.media/	1970-01-20 13:21:36	Name: cto_bundle Value: 2IgKtl9YbmlOVEJaQ21aYiUyRmxwJTJCbHVTaUdIRU15JTJGT2J1SVd2JTJGZmRHMEJMZmpNd2o3TDN6WG1mTG5NNlBkJTJGZ0d4NzV5RG0lMkJzekZ3OG5zQVMzczR5T0pDTmQ3RUxWVU5VSTE2eG1pMjJpQyUyQjVzUGtMREdwb21qbEQ2YjVLdW1PQTZ4cW9Mc3VrTDM5QVQ1UDZPbUVTV0FVdCUyQnJ3JTNEJTNE

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent-wide.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dailystar.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://dailystar.trem.media/ Message: Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187594&gdpr=1' from origin 'http://dailystar.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187594&gdpr=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://signal-segments.s-onetag.com/desktop/dailystar.trem.media Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.viafoura.co/v2/dailystar.trem.media/bootstrap/v2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/dailystar.trem.media/%2F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/gsi/status?client_id=187665714343-2h7ck06gs6b6d5kd87dm1ofr74njsu7i.apps.googleusercontent.com&as=ONGFkz0mEob8%2Bn4S7imBnQ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: http://dailystar.trem.media/ Message: Access to XMLHttpRequest at 'https://felix.data.tm-awx.com/batch' from origin 'http://dailystar.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://felix.data.tm-awx.com/batch Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://dailystar.trem.media/ Message: Access to XMLHttpRequest at 'https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d' from origin 'http://dailystar.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://dailystar.trem.media/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'http://dailystar.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=72 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://dailystar.trem.media/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/data.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.cdn.ampproject.org/ https://bing-amp.com/ https://.tm-aws.com/ https://*.tm-awx.com/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abcheck.proper.io
accounts.google.com
api.rlcdn.com
api.viafoura.co
ats-wrapper.privacymanager.io
bids.proper.io
c.amazon-adsystem.com
cdn-server.top
cdn.adsafeprotected.com
cdn.exelator.com
cdn.taboola.com
cdn.viafoura.net
clients1.google.com
config.lrcontent.com
cse.google.com
dailystar.trem.media
edge.quantserve.com
felix.data.tm-awx.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
get.s-onetag.com
global.proper.io
googleads.g.doubleclick.net
gum.criteo.com
i.viafoura.co
i2-prod.dailystar.co.uk
i2-prod.mirror.co.uk
id5-sync.com
interstitial-08.com
js-sec.indexww.com
littlecdn.com
livecomments.viafoura.co
mab.chartbeat.com
macro.adnami.io
match.adsrvr.org
mug.criteo.com
my.rtmark.net
mydmp.exelator.com
notifications.viafoura.co
onetag-geo.s-onetag.com
onsite-tag-logs.apps.nielsen.com
p1.w-q-f-a.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
quantcast.mgr.consensu.org
reach-id.orbit.tm-awx.com
region1.google-analytics.com
rules.quantcount.com
s2-prod.dailystar.co.uk
sb.scorecardresearch.com
script.4dex.io
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
static.chartbeat.com
static.criteo.net
static.hotjar.com
stmg-prod.mirror.co.uk
uk-script.dotmetrics.net
unphionetor.com
upgulpinon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.reachgeneric.co.uk
api.rlcdn.com
felix.data.tm-awx.com
match.adsrvr.org
mydmp.exelator.com
100.20.195.132
139.45.195.8
139.45.197.151
139.45.197.236
139.45.197.242
141.95.98.65
142.250.185.194
143.204.215.18
143.204.215.62
143.204.215.76
151.101.65.44
151.101.66.217
178.250.2.146
185.66.200.222
193.233.202.181
2001:4860:4802:32::36
216.104.36.155
23.35.236.247
2600:1f18:44f0:4864:da45:4818:d48e:3ab0
2600:9000:2057:2400:8:2ae1:d740:93a1
2600:9000:2057:6400:18:1fcd:351:7bc1
2600:9000:206f:4200:9:46dc:4700:93a1
2600:9000:206f:c200:6:44e3:f8c0:93a1
2606:4700:10::ac43:835
2606:4700:10::ac43:a62
2606:4700:20::ac43:4bf1
2606:4700::6811:4f22
2606:4700::6812:5ba
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2004
2a00:1450:4001:803::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200d
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200e
2a00:1450:400e:80f::200a
2a02:2638:1::13
2a02:2638::3
2a04:4e42:200::714
3.219.107.219
34.192.95.221
34.198.78.204
34.251.139.125
52.31.146.195
52.72.67.212
63.32.97.26
65.9.66.108
65.9.66.112
65.9.66.18
65.9.66.34
65.9.66.58
65.9.66.74
65.9.66.80
65.9.66.98
65.9.71.118
99.86.4.117
99.86.4.3
99.86.4.41
99.86.4.5
99.86.4.92
004f5032634a668de76e588c87a95720ef2fa7c3964dcbe80206c490925e497d
015b9fa00cb4cc03645a3f4979e679552c0d74e4d4ff69a01b4e49b7e39b616d
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
02adae7c235657dfdeb5520b509422650b5ef633dfb340ba65951ce2f3511e9b
044f8d29fd7244c78aa8bd774859862e552d441e403ce76b037e6e7ceb4c9e12
04d9cdb60bac5bf32e6b7f24454d57bf69b1eb22b0f9a0bbd8020352123c6fb6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
0b4b7e1955ce9699c60ef4f702b7eb87655cffd3fa872cda7c42a8c547aaf366
0bb80d4910ae056cd072f47c590278151b9436441de1ee0d8182df170d8cafc8
0c9167acffc1227365284e60c353db4c6218e353ebc65dab2b60f100dfc71b06
0daf0d545609c28c386def78e4b2acb8c9d994c37e9b0f919f719fc85aceb74e
0e396c44938ac792546ac6681c44921a2f64c28e51fe363ddfa43ade287152c4
0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a
0feeb8209a515ab363034713abc6f13983e9d4c03738defc680aaf1433fd01bf
109a908f84c6d056deabc0fa5ab190c4a76be2ba5d5dfc9562fba38ee35180e0
1435892f80f5dbef825cd7503205f825dd522342ebe34164b6a57d95b40a6e91
15a2bc9af09b75ce70d1f15a7c64324237a37ff97bbedc8d58b2d85e09c9ac52
15d1ba84ceffc0c2d46006156e945cb8045c19262d617971bda5b1de0d6a0903
1bdd95e393ea9592f2e2253ac44bfad1ba0d8bed8a6ce62b731967975e6ef334
1be5c3b3315568f9c4def1c7680ec779ee12ddf9cfb18c15c0f8f5fe314ba5e0
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f4b9d79a040fd09cf3b3c10cf3a19729cbeceb665b4b838f71619c753c1b26a
2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4
251d46e021e4c60496293fe188fbec785cbb2af89abfd695966c74d94157a8c3
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
318afadc3469d03fa560f1d26fce699bc5f824f137b490f646868ec56b997fe5
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
348d4c604efa99a4799d05216dfc9137821590aec4534a730c6d281680dab452
351961b87d26da1c6157d365a3b1f73dd5431b282b9a8566678981af988c1d59
38d0814476339f4cac58c66327a1998447494fd73701ebce153e5e5c8873d679
3a0f281d3fa7cabecedf233dd179db5d99a78614ef165f64204a2b115701b55b
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3cffc7c33ee5bd9bf126ab3b9fd0256b2805d6bb679c1e04df4f65d1a31e1586
3dc307462e4228f050ff6258ad9d6bda21449461724c11d87af36a21573f1aef
3ecb41291b7df5f937e5bef51145c588781d886784568b7774b9be35f6ff261c
460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e
474206bc3afbd887970bf29b9c35a637fa1875fe2dd6e55c1a67c2791bcad01c
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4a1c8ab4ca415a5d80cdb0cba251da480b3f8020d125009cb7f06acfa272d640
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
53db6cd1251b062283e247a8b440462e01232a214a93ce981da3e50203956c66
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
55da1915062ffd387f2ad684155fe1f05d06bbe8ed8a59a074a73bb7837b6616
56c7b1df846f7f3c387d9d7eddc21e2cfbb9c0111d95a838e644ddddd32d0f22
581d3a625e9af7f423072c97ed940e38a08da586275ca088455775f62b63e021
592348d2c78612521554e30c97f8829e9b8509948f9967ebe0753cdc640fd1d1
5ca71b1bc796bcfb39ca0577c61934079447add2e82e52fc506de2a8d85e8b44
5ec0f7ad86e6a384b60c59819dafa21fb1f6fff307e783a650d417d0cc9717e2
618105bb69330a9559d3a25428b96da5714a89f9a012996e3c69ae9974e9bb15
645c281079bca7cbd33f35fddb5f5d8d98420817cc02822983061a10c3a20600
647f147f524b70167e3673a009837c51be56f1bd6014a2de142660c24801fd9f
6662811ee02cbc81b948b00e6b059179542b85e0339c2f12adbdec359da94b79
67218cedf3fe2e9c5f13da640d16d5326b6b338665306e3282c77b27d9300f90
689fdabbf7cb0792ac119b0ac7abb8f7e4a9350ff08d631eea985d52b96c9c11
6b68f5155320d6a1028f864aed431881b37fc526e6786d00bfda51bd70586664
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eada00d73c67f0ff483b7b1fa4625793e7da0442a37e0e2b96df77f9b4413ac
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
7513a1f725012c714cc6212cd9b4f8eed8e67cee8e5cd722ae1d5c8c2c628cb2
77d0b73e037a5f35f00ea8a670e9fa470b81b382216efdf1cf3f5020d84600b2
78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc
7b2c0922b2f10da0c50814ef64bac4c5529cdf8b485562fa8d5a0f4a4bcbe89c
7e140d8a05464766143212b1494858bb7f892fed4f7d6c62176436edf8ab789d
7e8794049f56d1019b1fb3625a0a02d1350902c1e1e353bdb79d75ced3114c7e
814c152f43a797e7b4de80f579f6e95a89f9ac32d4ad3eb0eb84a1293833dbe5
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
8762eea9e92be52825376151e2b1e6e144172f0d98d0eb62498886cbfe635f04
879b0f220cd896e8c1faeb6706c88b74926410943384406132aa2788bae0a578
879faf9ce07be8f80ace620c4cc7642505a28ed35137cbd0e35cc22065f221e5
87e5314ff5f855d6c7e2d0d8d7207633a3b7b8555a417ba4d267ffbf7a80f929
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8a33ef9c853607ed85c0aa618ccd964f19a97352f4684c7c3bb3e2c81565bea8
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
8c22e5178495a9e76d2a1fbaff6b2a43cca64cc2947d1bb47f2bd282ec73093b
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8db9e95c255ccdfb1bef85cb26da263bfeb9ba1eb70d835ec74a363ef27df708
8ee51a87f0dd401e0eafcf8f1aab23e4047c242083aab966cba22a31325b8d67
8f647f7e843aa228b7900e0a52d6fd1d2e4a2ca9eb8ff12228a7bb867c6a1421
93c5809a50d386dad38d1f9eccdc910485c337a93ed931fae7d4da8ccaddd1bf
950741fc258dd3fd7633ab26cfd76a18ddddc5e83f0591c3f57991cd32275156
957488292f6d47df455a24d4f4cf0eb2b06698fe1eb7384dbf3ebaf54423cead
9c2b7f1a52d4c817ac27718a7f9d8949bdaac5ef1ffcc690ebfa0ad27f101cc9
9ea84a19bfbab3823dc72882b2351312651422245bfc13630a55c500193ac022
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a15197a1cbd23883086fe64e28c5369335c5266f4a044cbc4af4f76c647e03ec
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab
a4fe930bedb0e3d98f2503da5eab788268c8d643caa9bee196e2bbfbc22f3cb3
a993fb966f108b2fd812f7ed27d9984f4ba2bf94b5f0375d8caa830c2ec751ba
aaff62dc57b4cc3c82a9ebfcf6627c13b789e15a06aa31b487e2deaec6cad09a
ab992bf6b5fcae6932e2cc00a43c3dd359e35def6594319c2ea036b14844fcd7
ab99f5f97dd8638d873236490e1e62b4a5a4348eccbcf805a1003766b637068e
adc827aacbe4194e6313eaac434ecb6c643fa6d8cedc3c25a48af11388974b65
ae14da10bf8fb8a4ec2821435c4e3187deb551321fed1744bc9274b37af92685
b2dc92dc684ce77a25f03cde358bab90f0d7909a46340b85b412a2e80c8ecb62
b4a1f1546748a61f0d710d015b5d547fb08e3b18ddbafe9ee36acbf6447c5464
b4c755132c3059a31345d54017a39e8f503d95bf4cb55a5a3b2eea3ee117b52f
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5c4b278ca30fa881cef4ecb3538c00e855fe7983706f2e04347368a541f7dd3
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b75b3b21ae775a45091f0e3bf542ad86aa9b243dc2d6548d85090c79a1ccf68b
bd8054ca19f986ccd51f0e5d4498239e466f2f3bc6a086fc0dd147667214179e
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
bfcf2ba331c9a489e9e9f479caa98139d5e70e605f54c46493253f116ac71655
c06bf0f9677b7c1b7de07fd7c247b574afd994a67c75976277d1a5a01eb2ffa6
c1f1de1e298fabb8508ff99f14528f79af6ebd09c501d921251533e5835dba8d
c49b2ee84a59ab689422742a1f0c338029d99fc386a01c8328b399636efa0a0d
c5295a2a5eae1ba3e72e80669387cd3020e4f2c27a7e498c9bc7f3fc9998b3eb
c7531c434a25ade419ad9ae7ba7b16224f1ef6dddeb66f60f5df8a7f9bc800a0
c79d183a3ab8457485feeed21d3d21499fe491c2cb2b04e155574d27b1d4fef5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf80e14911412fe32030d032d116636d21c0d249c64e6e57c87568c3cb465f69
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d654f4437df946fd29232af21c258842e88e5c9abf40e2637640c6f7dd8cd485
da419ff498c7bf7e67fa787df3c8d4d41eb6eb3eb08d1425367f97658fc779db
dc23df356f0f56eb7d1b86f71e852b1a69133868e0a324f1908dc04b5888bac8
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3db77aae878d34bd1d735e2b61bbca80f52ca7f2f4b13cd0e0d716e0350ea2
dff7ef2e5bd2799cddbee2881e527464815d0601af4d8fb6f99e7be634463dcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e419d0e7334b7fc463cc6b953462e574fc3e4b19412d4cde78578e32e1358933
e42c957df60f32f8eec6ed242a6ec03b463b4747fe1271d0c2e6ae44267e1d86
e58e8a7be7dad76e3d1da9b723405a06ed0e6c3956d494397b97a92398540a6f
e63675561ebcebc22c6d91aa8acad00da6d6d010856159f7aac5a39c52f2c911
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed2afa2565753583faf967bdcd69182e999f75200e8af54dbd1630dcb173fe9b
f26b43d77b38124d08f7cbb0088c1ceb0310f73ced275ffd0a435d28c0b8e370
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
fce1c1379b8639497005980d599d8312f6194dd427b296a83d346de5b488750b

dailystar.trem.media Open in urlscan Pro 193.233.202.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

177 Requests

85 %HTTPS

39 %IPv6

47 Domains

68 Subdomains

63 IPs

6 Countries

3509 kBTransfer

10867 kBSize

35 Cookies

34 Outgoing links

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dailystar.trem.media Open in urlscan Pro
193.233.202.181 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

85 %
HTTPS

39 %
IPv6

47
Domains

68
Subdomains

63
IPs

6
Countries

3509 kB
Transfer

10867 kB
Size

35
Cookies

177 HTTP transactions
2 data transactions