www.news-star.com Open in urlscan Pro
66.148.122.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news-star.com/
Effective URL:
https://www.news-star.com/
Submission Tags: analytics-framework
Submission: On April 19 via api (April 19th 2023, 11:33:14 pm UTC) from US — Scanned from DE

Summary HTTP 204 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 34 domains to perform 204 HTTP transactions. The main IP is 66.148.122.12, located in Seattle, United States and belongs to HOPONE-GLOBAL, US. The main domain is www.news-star.com.
TLS certificate: Issued by R3 on March 29th 2023. Valid for: 3 months.

This is the only time www.news-star.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	66.148.122.12 66.148.122.12	14361 (HOPONE-GL...) (HOPONE-GLOBAL)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	207.228.225.157 207.228.225.157	14361 (HOPONE-GL...) (HOPONE-GLOBAL)
19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	104.17.189.220 104.17.189.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2014	15169 (GOOGLE) (GOOGLE)
11	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
14	20.40.202.28 20.40.202.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	130.211.10.17 130.211.10.17	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
8	52.51.99.213 52.51.99.213	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2014	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20e... 2600:9000:20eb:4e00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	20.150.38.36 20.150.38.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	54.72.3.113 54.72.3.113	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:225... 2600:9000:2251:1800:1a:5235:f980:93a1	() ()
2	2606:4700:440... 2606:4700:4400::ac40:99f6	() ()
2	13.224.192.181 13.224.192.181	() ()
2	2600:9000:236... 2600:9000:236e:3e00:1:6448:6d00:93a1	() ()
1	34.120.58.62 34.120.58.62	() ()
1	185.64.189.112 185.64.189.112	() ()
1	216.52.2.16 216.52.2.16	() ()
1	34.98.64.218 34.98.64.218	() ()
204	42

41 66.148.122.12 (Seattle, United States) 1 redirects

ASN14361 (HOPONE-GLOBAL, US)
PTR: sagemt.com

news-star.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.news-star.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web1.etypeservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.228.225.157 (Ashburn, United States)

ASN14361 (HOPONE-GLOBAL, US)

analytics.cherryroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.189.220 (None, )

ASN13335 (CLOUDFLARENET, US)

www.legacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 20.40.202.28 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

publisher.etype.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com

www.justapinch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.51.99.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:4e00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 20.150.38.36 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

etypeproductionstorage1.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.3.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-3-113.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2251:1800:1a:5235:f980:93a1 (None, )

ASN- ()

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:99f6 (None, )

ASN- ()

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.192.181 (None, )

ASN- ()

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:3e00:1:6448:6d00:93a1 (None, )

ASN- ()

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.58.62 (None, )

ASN- ()

www.americanhometownmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (None, )

ASN- ()

justapinch-com-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	news-star.com 1 redirects news-star.com www.news-star.com	1 MB
20	googlesyndication.com 717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	563 KB
19	primis.tech live.primis.tech video.primis.tech	706 KB
19	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8927 trends.revcontent.com — Cisco Umbrella Rank: 2610 img.revcontent.com — Cisco Umbrella Rank: 13291 cdn.revcontent.com — Cisco Umbrella Rank: 10383 images.revcontent.com — Cisco Umbrella Rank: 10002 yeet.revcontent.com — Cisco Umbrella Rank: 9504	144 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269	215 KB
14	windows.net etypeproductionstorage1.blob.core.windows.net — Cisco Umbrella Rank: 543956	2 MB
14	etype.services publisher.etype.services	106 KB
8	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 143	177 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	268 KB
5	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 6152 data.ad-score.com — Cisco Umbrella Rank: 5965	158 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	20 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4642	27 KB
2	amazon-adsystem.com c.amazon-adsystem.com	59 KB
2	confiant-integrations.net cdn.confiant-integrations.net	106 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 442	376 B
2	gstatic.com fonts.gstatic.com	80 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 725 hbopenbid.pubmatic.com	65 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	119 KB
2	appspot.com japfg-trending-content.uc.r.appspot.com — Cisco Umbrella Rank: 152613 japfg-trending-content.appspot.com — Cisco Umbrella Rank: 98117	4 KB
2	cherryroad.com analytics.cherryroad.com	2 KB
1	openx.net justapinch-com-d.openx.net	594 B
1	lijit.com ap.lijit.com	527 B
1	americanhometownmedia.com www.americanhometownmedia.com	103 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	392 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2256	319 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 612	627 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1915	252 B
1	justapinch.com www.justapinch.com — Cisco Umbrella Rank: 64023	22 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5261	531 B
1	etypeservices.com web1.etypeservices.com	14 B
1	legacy.com www.legacy.com — Cisco Umbrella Rank: 28137	17 KB
0	rlcdn.com Failed api.rlcdn.com Failed
204	34

	Domain	Requested by
39	www.news-star.com	www.news-star.com
19	securepubads.g.doubleclick.net	www.news-star.com securepubads.g.doubleclick.net www.googletagservices.com
17	live.primis.tech	www.news-star.com live.primis.tech
14	etypeproductionstorage1.blob.core.windows.net	publisher.etype.services
14	publisher.etype.services	www.news-star.com publisher.etype.services
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	lh3.googleusercontent.com	www.news-star.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.googletagservices.com	securepubads.g.doubleclick.net www.news-star.com
5	assets.revcontent.com	www.news-star.com assets.revcontent.com
4	yeet.revcontent.com	assets.revcontent.com
4	images.revcontent.com
4	trends.revcontent.com	assets.revcontent.com
3	js.ad-score.com	assets.revcontent.com js.ad-score.com
3	fonts.googleapis.com	client www.legacy.com live.primis.tech
3	static.addtoany.com	www.news-star.com static.addtoany.com
2	video.primis.tech
2	c.amazon-adsystem.com	live.primis.tech c.amazon-adsystem.com
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
2	gum.criteo.com	ads.pubmatic.com
2	data.ad-score.com	js.ad-score.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagmanager.com	www.news-star.com www.google-analytics.com
2	www.google-analytics.com	www.news-star.com www.google-analytics.com
2	analytics.cherryroad.com	www.news-star.com analytics.cherryroad.com
1	justapinch-com-d.openx.net	www.americanhometownmedia.com
1	ap.lijit.com	www.americanhometownmedia.com
1	hbopenbid.pubmatic.com	live.primis.tech
1	www.americanhometownmedia.com	www.news-star.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	cdn.revcontent.com
1	img.revcontent.com
1	japfg-trending-content.appspot.com	www.news-star.com
1	ads.pubmatic.com	assets.revcontent.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.justapinch.com	www.news-star.com
1	717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	web1.etypeservices.com	www.news-star.com
1	japfg-trending-content.uc.r.appspot.com	www.news-star.com
1	www.legacy.com	www.news-star.com www.legacy.com
1	news-star.com	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
204	48

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
publisher.etype.services
zrecruit.cherryroad-media.com
mainst.cherryroad.com
japfg-trending-content.appspot.com
smeagol.revcontent.com
help.revcontent.com
www.revcontent.com
cherryroad-media.com
www.cherryroad.com

Subject Issuer	Validity	Valid
news-star.com R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.cherryroad.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-10` - `2023-11-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
assets.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
publisher.etype.services GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-13` - `2023-07-13`	6 months	crt.sh
web1.etypeservices.com R3	`2023-04-09` - `2023-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
justapinch.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
revcontent.com Amazon RSA 2048 M01	`2023-02-14` - `2023-07-16`	5 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
img.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
cdn.revcontent.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
images.revcontent.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 06	`2023-02-18` - `2024-02-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.primis.tech Amazon RSA 2048 M01	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
www.americanhometownmedia.com Go Daddy Secure Certificate Authority - G2	`2022-05-12` - `2023-06-13`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.news-star.com/
Frame ID: A073FCF5C568DAC9BE06A6F9A6DF85B7
Requests: 120 HTTP requests in this frame

Frame: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Frame ID: 2992C84A06DDD8104CE808454B6E819A
Requests: 28 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: BC1269A681C233FBAFCFEAE09A411418
Requests: 1 HTTP requests in this frame

Frame: https://717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 984894A3C6AEB986B6FBF90EEF7F1512
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdny-vg4NLFljFV-1PCb_G_Uxw3JPMpraJGFy3wk6oPueLP68dY6G5K5rn7dfrh165I67ukyTQru6ItZtJz8xczsiiqeWIl_I1Usun69z6piowlDbUtE8mioiCMuT1FJ_x9W3YELv_0VgAFqrhaNV_pISOIIYj4ds6tYOqkAUFAVT6PwJjn4_JQq9s1mq3ic8j7_KHUvzd8tVOL8IRojfn7vOfQMgTOO5XRPgkn9vuqb_p4xXiyjBhRH1_P7fcCW4Y8Rg_lv2ixKS_EGVgM5343AOE5KtlnyovsuEfY41chZncOB18V7L_oAMILSPGIX-GLLElIWWrEjeG8g&sai=AMfl-YS8YUyhR1B6KB272zmKh63f8Qabl1YhQhLwjgga0tlz72uxD1toVYmbFuhqoKQg0V-MGd7_oeKZfr8JWXOGIiNSfOaKcsP5oXpdii4pEzeRIB2DlOuxg4E2BUMTOIjrZW8zW8SkLhRQk02b5nKn&sig=Cg0ArKJSzJrKRdnO4RsZEAE&uach_m=[UACH]&adurl=
Frame ID: BF0CBD25C0C9285ABCD3076FFBCDEDE3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszIxEllOa7dYb6PjLl1UGYI2u9akKnMQcO1cT69uN3PB7g0xjJ9OtlxUWIHrvEazmiMJQgQQ2hT1G3URD39DcMehuL8Nn3ewNOkjoIN-vTnJCQ7Scqa9s_LUNTrDZbPhne_K5mPdTAm75qb0gibFWWHuWDrdZ59rbxnORWHa_DM7HkgwA45zNB-buLzDYWvptZlrFdO2GukGH2UOGSXd-oXimHZAnHvNmA2muSYgqW48lXqf3WxrJarw0JpDGRXjOaki4MNXZyGVj8wHW2JY4wnavPANVxKdndzCdoipDIks3x80xlfoq0MRwCPW3ie6CDXTkrGYxpmd0&sai=AMfl-YSzs-vscbMoes1FsmYn9IV3qMRPOKmo1_xTY_pSAWIyCVdhazzNfvRumfuA-ne49Ynncq2nu3vuwq-wuivHOfOiywRDS9FAZHLQNnDPMwUhrEXap4zvbyper6OCyw9c4r1L_tdH5ylgz1SjQ2I&sig=Cg0ArKJSzE7O8sEZET_DEAE&uach_m=[UACH]&adurl=
Frame ID: E66DEB6A097A437884FF962C787C29ED
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCPyXLJvJ0tIKn2amtNhbmNyCDSZcyx7s874xOncob74P2p5bd2Qg5zGA6FqumK26CBGUqRM3_QX0IPzfPGAvAvNQwP_kKUruwcuc5bMncRbEoL8UCPIKVhwp8b-IMTLxPNTqvh3zSeK2d_nLtZPHJJ-RAEizKY3rztXwwWCBJY1sV01POHwUjq82lkrVo2KMskkhj7yJMoBRlH8rG-u2iKC4VMNPAo0uKovsxfkExZ6CmMau1PRROCMW0RZ1e5Zb0GKjBvaD2FX8dJsjkGjsodj7JSMBSzgA2znUY4Fhiv4GGHSNefeY1f-aBg3eL7PXhDRWJVMYnFg&sai=AMfl-YSM8o1U7yVGLlwtQE5d3Oyz_Vgi49IKPz4HSMe6o5G_WY4OFEvOdujtDXTNVjwGzL0Agx2s2uiKbJAX1Sn7C2vd4iZQ58qZqv37YShWf7wrrODqzO6r7xkXVzvmz0Su1K4&sig=Cg0ArKJSzI7kqyCSJfgjEAE&uach_m=[UACH]&adurl=
Frame ID: 37D46118E3FCC7A640D4B7F0AEFFAFF5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV4eBEvuL_w6BlkZjY6F7OR1XuO6DrqHKRiV8-F8xoKWQrCdUJeE9iZ7iOUrgaBNlRHU5TtI8YZ5h1Aq4c0rSvK484xv-tXXqJt9LXtV_vvBytSSGx6ni5vzAeqeZqr5Zrbx0YKcc6qNyay0zCadGy6lteyAx1a4yygnOUfw302P8G1gLhfFkr_NCBosoWIWPpi42o8eNQpWHaAOUdIkV-6nLezWYRjKzWP5f-7TtRE0ocsM3XlfgdFNo8EEpTlX0Eq6kWxxJD4vWj8caiaWQBkFOU59OeVAJGVAs42gWF15m7IedMHZo-jwSjSDuYOkE2mgXP7yJr-w&sai=AMfl-YTQfn3KOODiJOtZB5z323JUgY77qrvfZdrg819uS8MvlD85YbvMCSiF7DFHqWJ2rneGPgCxPaYZhDwjtXR2ZCB3nLuaCcn-rgrBAzJCA4y-IhtxVsYXBQsQ8cSziUFfFGT7mKbAVKvSikg5kHY&sig=Cg0ArKJSzJbcSewZjUu0EAE&uach_m=[UACH]&adurl=
Frame ID: DEEBDB95324C8AE850673767F5C6E494
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYbrNFBVDpFlf0ag8rtinBPhYvHN3bWbV-Ehqfb27Rr3BmQxS2siJs56ZPaqdT00-NYFs-wNu1qPG_BOBk9Am9za7NymbKZlDCHhlsqkEaPiFSLYM-m7DbF6W8qgzc8ueOX_EWjBxo0xHSavN5U42IGZ3JIqvTSiZmzhA7KInmGiUMLpcqWjyXT7iwR1DCRW9fq5wQfsPmRJ-4udeTya1hnvfr6OJb77KjkknVALXzlB5wdAdmS_GssSVqZeTHSKvLlATsrsCq5y5dAR6WzN0VmCM2arN_xlYI9aQlUvLUgcVcTjlzuLL8JU9GJKbxVPMWeLSeSE0D2ZbhzVv5&sai=AMfl-YTXc7Ivah9263EoSN9iAyc173IIuO7-gvsixQwTnjeId4ZdggztpxnW6NRkF90M8DIChNUDD42xPvYUA1yMn5ihNU8xCDjURm_879Pm7hgQgDbX18RnvtFQ9AB8-hpaVio-ZKvBZy61c1uw4y7F&sig=Cg0ArKJSzJEelrjiTrzcEAE&uach_m=[UACH]&adurl=
Frame ID: F2C1E56EA07D291356ADF88FC3E132A5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF4F8FF83762F8FB21DD57D57FFD1C79
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 71C2480D172396182A7DE728E6E091A2
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=5b851bf&pid=1000177
Frame ID: 68FC1B0561DE01CD8643AA5ED16AFF5A
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: F2C66C7A0B677A69D5B6BD8DD7FB4F06
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shawnee News-Star – Shawnee News-Star

Page URL History Show full URLs

https://news-star.com/ HTTP 301
https://www.news-star.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

204
Requests

99 %
HTTPS

56 %
IPv6

34
Domains

48
Subdomains

42
IPs

5
Countries

6231 kB
Transfer

12189 kB
Size

18
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/us/obituaries/news-star/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/Shawnee-News-Star/Classifieds/V2/Shawnee-News-Star-Classifieds
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://zrecruit.cherryroad-media.com/
Title: Job Board

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/Shawnee-News-Star/Classifieds/V2/Shawnee-News-Star-Legals
Title: Legals

Search URL Search Domain Scan URL

URL: http://mainst.cherryroad.com/
Title: Main St

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10254&p=/recipes/bread/other-bread/the-best-crusty-bread-dutch-oven.html&s=10000&do=www.news-star.com
Title: By Pat D. in Saginaw, MIThe Best Crusty Bread (Dutch Oven)

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10254&p=/recipes/side/potatoes/mayonnaise-roasted-potatoes-2.html&s=10000&do=www.news-star.com
Title: By Susan F. in Oak Ridge, TNMayonnaise-Roasted Potatoes

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10254&p=/recipes/dessert/fruit-dessert/fruit-crisp.html&s=10000&do=www.news-star.com
Title: By Debbie l. in Biddeford, MEFruit Crisp

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10254&p=/recipes/dessert/cake/oatmeal-cake-12.html&s=10000&do=www.news-star.com
Title: By Jolayne C. in Americus, GAOatmeal Cake

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/rLPr_4uZ2VUwikVzLWT-4a1dVCftlZfii7Ojn03NITStMmBrELQ2qk1ESHi3tp1o9vhe237R-F0HtAuQlVb0s6OEKRDl-Q1ouMEJkaCVe7ntxmuU3ba6bnJrLgdNSsnpOp2g2hY4BL9udUTPD-vb3BJEp5dYAwMNCH_wZJlBoudlu191DwX-0CIL_Dfr-CRbx0ycul2R9zSzVfBKio1qz-_k84tzWUglu1g0HaEb-ZVsZFGMlBoDlmNdJELczo8_h9zmF-OTZ47ZuuY2_yp9nrZ89802xn0Y7agP5mG2LYkuldKMZwXykGfCj6iK4_1pq7WzLK4lZZ1pup5mtTI6mLvq7gzXUIROlaXSgPKziMKHG5QOvWWDyCxumQ_vc06LW65atcfopifSKCcZa-mTNsWhC0upEue6plrb5DKu5cGyctkq_hVGBnPYCH8OSLL79dct-khCeHO6bBTLQAuudppTpYvqW4Ld829zFmZbEYi_ohyAtN6pt6CCokNtqiNDkbPA75_bUQAnaWQTF5rmb2rlkm5EeCYUyi-9gsexVBicR0vdCHAU6K1Y9IyNkYWVsWTbUjkwcTXIboBOPnq5r_0WakplpSH_7UIR92CYjVmLy_n5-DkujSJGbH9SKW030E6DnIbbN_EoSYzIb9wGrlcajrpmpETVtUcgczTSrIrFB_PcaGhMgPVcnBToc0jiAaPoFqe_JA?p=GgFDMLT0gaIGOiQ1NTJhYzc2NS02YjIzLTQ3MDItODY0My1mZGJjYWI0MmUwMDJCJGFiYzYyNDg5LThjY2ItNGJmZi1iM2ZlLWUwOTYyMmI3NTY1M0oMd2hpdGUtd2Fsa2VyUIPWCliI7xBiDW5ld3Mtc3Rhci5jb21qB2Rlc2t0b3CKAQMxeDGQAQHYAbKO8AGqAgozNy41OC41Ny4x
Title: Wollen Sie hundert Jahre alt werden? So reinigen Sie Ihre VenenCardioBalance

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/-Ubp0jBkUVGTrYAKI-mWEmvKdWbdJp_oyCfTT2cFS8hcmf7fWj63rJUt9Sw8yD7qAOhWdvA-ilkZtdJbRvEsJKh1GGWkaN6bbox6BHfpJCvuXqLaNlu7Ei6M7QXtLB_48ME2uxj00l02GBlFj2nLFKaYk6hzDGvCbwPNF2JVjO2XQriImR7bB1cUpu6O_qTgRJRBTxnxqXzZD1hxYrqH1t0QJuVrHhbige3H75z3SyZyTbgBTEol6AoX-SJ3fVM2kc48n-QJiUSL4F10L8l49YaSAUjhZWy-BN-Nhh0pwSoyFjduoP5GSTlmUAZYrIaWfZ-_DvJ9y0vNXOX-EIyW6hWBdSWux5t7XhLI5ptrALHDX1gA5ISngd1vQQj_ieWR3dpr8ex4h4lf2ctKEeQDH2VrbPx9yUDcSPY1nqI4V0JgEKrKekJiM1MUpzq2iAkpQj2WycVcF6gusGuGSm5hOHFkBfvwZVrZ4mCt8S-aqk0xSWNSNM7htVDIv0WtAskMteIBrNoBu70?p=GgFDMLT0gaIGOiQ1NTJhYzc2NS02YjIzLTQ3MDItODY0My1mZGJjYWI0MmUwMDJCJGFiYzYyNDg5LThjY2ItNGJmZi1iM2ZlLWUwOTYyMmI3NTY1M0oMd2hpdGUtd2Fsa2VyUIPWCliI7xBiDW5ld3Mtc3Rhci5jb21qB2Rlc2t0b3CKAQMxeDGQAQLYAbKO8AGqAgozNy41OC41Ny4x
Title: 20+ Disastrous Celebrity Plastic Surgery NightmaresSurelyAwesome

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/HMY5s7ZSJf2FFuHoE2DyyPIKOJqfnY7coNjIfSpCrzQZzbfUu3BI5JFI91MhMDgfEVJekOiR1h4M1vJKnXX5u5S_lATe8qcHTtapV6BXZ5Ek-kwNw5lAe76N_kjFAiSaB3KQcHd7xcdPRgjMBgHD8j_t5Erhn3600adqEi6yvOvzkbRkINI-n3xk9gO5IfRtSzsnUHobVFgWNnP9_4YXL7VXciKmcquFrOORdz85zCmd-rMsK_b3uuPrWKmJFsJpwPZhNRP78hzXSEhMQr0Tl7zsDPHm0PCaxKTpGM3YcfqsTce_rmGLjtU3VDMVdLEjnIlsAzVNxYY8mSvRoUX2I5rI_EJvEEoVmgrGbbVUJdclpGCOriq0JUXM6Et6gTlsnpmdjfMKK_0Ak-UfNM3Uueu0NB5fqJuL6aT6dMdpyq-u9hs5CTocj44BhieN74xGiZsLHdoICZcfdP9R87AwEJJm0hSK4KlBnAxz32PmgRieI_qxbd5w1moO-bbMVdVuWx67kjsd8w2KetmcoqWzMf3_JHn6Et8UPsJz-I2maw3kvdl8DC2jMadxhqYp-wgKLLuYXZAYoRqdYuMNLBnDXqUMOuWq6aGiumCVfIU80YU-_lRCYe1hhMnJTUM9jiHsJvTIxIIyh-SdcHBKr5k8yEeTthfKz9Qy5Gq45Z36LAHREfvJnnAej7_A?p=GgFDMLT0gaIGOiQ1NTJhYzc2NS02YjIzLTQ3MDItODY0My1mZGJjYWI0MmUwMDJCJGFiYzYyNDg5LThjY2ItNGJmZi1iM2ZlLWUwOTYyMmI3NTY1M0oMd2hpdGUtd2Fsa2VyUIPWCliI7xBiDW5ld3Mtc3Rhci5jb21qB2Rlc2t0b3CKAQMxeDGQAQPYAbKO8AGqAgozNy41OC41Ny4x
Title: Do You Speak English? You May Be Able to Work a USA Job from Home in DEOnline Job | Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/axwPMN2kYNwYi4nzWZMhBuaQCq1YQx1JtzXq10m2ddfBA7kjXBbTIoVOVzVJGdlTHJULrYSjeijJDri7At1bJ-K9ub6intLnuYFC3D50YFaAPHWPTpGoVsK7cnhK8ScYct3SMmdbhE5D6v4FLwRaK6MN5buYg__5N5xtk32fMIgPARI2lVBcBJJbEmADsBC6aWfIZidS1a2RSSt7EyKe1bz4gpAsbJuJxuE5eFLqJTzN6ZCwqkKs4ZfG3lYArvYDXxqeem6fM_3B4hb0e_Bt4Hlx2LWTDSlNzcBiMVax3OnAft5w4seQmMOLcJXtZpW-_0lcFlOIYg3Li6BegDLtZbvUm9r7rpFaful6Txly1E7lfM_GbtM10TgA_L52ChgYnzVg-InI6WP1xmMZvuNhUY3uEstABjQYlr1KXrp3if4_oDeR8vq6Z9VG4smY42NQe4aoiyVSMSM2BUUBkFkBMfEe_NvC7Emg7U9GSSNJCopYcC4Xc-c6_T3bNKOv7m0vRS2Liephz4eXgfHDv_yH6kU_Fi_x3SXBk5w2D4NIM_vddkcKF3OVseGDcg-Gq8txbwa8_1oN2Yuf1fglF7w_2J6HWIC157EsWXHH61bqkAOp0BhgYkJqaTS2PQbR_yM2-3swCe7I4feD-rlUBUBBt2Ctlwo5zTnERp5U?p=GgFDMLT0gaIGOiQ1NTJhYzc2NS02YjIzLTQ3MDItODY0My1mZGJjYWI0MmUwMDJCJGFiYzYyNDg5LThjY2ItNGJmZi1iM2ZlLWUwOTYyMmI3NTY1M0oMd2hpdGUtd2Fsa2VyUIPWCliI7xBiDW5ld3Mtc3Rhci5jb21qB2Rlc2t0b3CKAQMxeDGQAQTYAbKO8AGqAgozNy41OC41Ny4x
Title: Top 15 Der Gefährlichsten Tiere Der Welt, Nummer 1 Wird Sie überraschenActunimo.com

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://cherryroad-media.com/community-rules/
Title: Community Rules

Search URL Search Domain Scan URL

URL: https://www.cherryroad.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://cherryroad-media.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cherryroad-media.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news-star.com/ HTTP 301
https://www.news-star.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

204 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.news-star.com/
Redirect Chain

https://news-star.com/
https://www.news-star.com/

137 KB
28 KB

13485ms
12560ms

Document
text/html

66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

084dc9ea95c46384ce7f7e88f6b97b9f6f1dc853452d38381b60d6fc4b98f963

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 23:33:02 GMT
link: <https://www.news-star.com/wp-json/>; rel="https://api.w.org/" <https://www.news-star.com/wp-json/wp/v2/pages/851>; rel="alternate"; type="application/json" <https://www.news-star.com/>; rel=shortlink
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
referrer-policy: no-referrer
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=5184000
vary: Accept-Encoding
x-content-type-options: nosniff
x-default-cache: default_cache
x-fastcgi-cache: MISS
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 178
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
content-type: text/html
date: Wed, 19 Apr 2023 23:32:52 GMT
location: https://www.news-star.com/
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
referrer-policy: no-referrer
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=5184000
x-content-type-options: nosniff
x-default-cache: default_cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 Georgia-Regular-font.ttf
www.news-star.com/wp-content/uploads/2021/05/ 140 KB
140 KB 157ms
155ms Font
application/octet-stream 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/uploads/2021/05/Georgia-Regular-font.ttf

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7d0bb20c632bb59e81a0885f573bd2173f71f73204de9058feb68ce032227072

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.news-star.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
last-modified: Wed, 25 May 2022 10:19:11 GMT
server: nginx/1.18.0 (Ubuntu)
referrer-policy: no-referrer
etag: "628e029f-22e74"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
content-length: 142964
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
www.news-star.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 476ms
473ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 13 Mar 2023 02:47:22 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640e8eba-172a9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
www.news-star.com/wp-includes/css/ 217 B
892 B 477ms
474ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 13 Mar 2023 02:47:22 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640e8eba-d9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
www.news-star.com/wp-content/plugins/paid-memberships-pro/css/ 18 KB
4 KB 478ms
475ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.6.6

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

9ab2aae1e13e9678b5ff7477eb2376325e1793cd3dceeed0b980d6c59522828c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 10 Jun 2022 20:36:47 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62a3ab5f-481e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer.min.css
www.news-star.com/wp-content/plugins/js_composer/assets/css/ 452 KB
44 KB 479ms
476ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 02:09:29 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fd759-70ee5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
www.news-star.com/wp-content/plugins/add-to-any/ 1 KB
1 KB 479ms
477ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 04 Oct 2022 13:06:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"633c2fcf-5ef"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.news-star.com/wp-content/themes/jnews/assets/dist/ 588 KB
92 KB 480ms
478ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

feb53de7103cfe17c2e2a4468dfd1c7c54250b52f433f033b16f1dc89e4d5de5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 01:52:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fd347-9309a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js-composer-frontend.css
www.news-star.com/wp-content/themes/jnews/assets/css/ 3 KB
996 B 481ms
479ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=1.0.0

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 01:52:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fd347-bb7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scheme.css
www.news-star.com/wp-content/themes/jnews/data/import/newspaper/ 6 KB
2 KB 481ms
480ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews/data/import/newspaper/scheme.css?ver=1.0.0

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3a3b8f1947675166325e8785c1058e7d8a2a1946f33a67e0fedb5c0b0ec2a16d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 01:52:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fd346-1644"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
www.news-star.com/wp-content/themes/jnews-child/dist/ 208 KB
29 KB 482ms
480ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews-child/dist/theme.min.css?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ae5e8b709455fcc6d0c794c6dcdadef5d38438725e865856d35d6a117ce8b525

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Aug 2022 15:43:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62f6752e-33f7a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home_page.min.css
www.news-star.com/wp-content/themes/jnews-child/dist/ 5 KB
2 KB 483ms
481ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews-child/dist/home_page.min.css?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed0791d2019df55609fed92dbd4d8ecef07c3e556aca283d7a8e1aabdfbdfef4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 20 Jul 2022 17:53:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62d840fc-144a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.news-star.com/wp-includes/js/jquery/ 88 KB
31 KB 483ms
482ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 13 Mar 2023 02:47:22 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640e8eba-15e54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.news-star.com/wp-includes/js/jquery/ 11 KB
5 KB 484ms
482ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:18:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"628e0271-2bd8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 52ms
17ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 97482
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7ba8f35f2ee79b5b-FRA

GET
H2 200 addtoany.min.js Show response
www.news-star.com/wp-content/plugins/add-to-any/ 129 B
839 B 177ms
176ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 04 Oct 2022 13:06:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"633c2fcf-81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.min.js Show response
www.news-star.com/wp-content/themes/jnews-child/dist/ 2 KB
1 KB 484ms
483ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews-child/dist/script.min.js?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b6dcca3034056688691afb759a5900f22c16648c2f09bbc17b02afbf859d2de6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:06 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 13 Jun 2022 15:55:01 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62a75dd5-649"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plausible.js Show response
analytics.cherryroad.com/js/ 1 KB
2 KB 688ms
95ms Script
application/javascript 207.228.225.157
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.cherryroad.com/js/plausible.js

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.228.225.157 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

Software

nginx /

Resource Hash

7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
Server: nginx
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 1332

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 124ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75e1b1dfdbdad530be5fca03b82a526fd133f241b5d66d49d2c4e6dc5eeea4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25378
x-xss-protection: 0
server: cafe
etag: 472 / 19466 / 31074032 / config-hash: 11973378874502222792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 SHW_Nameplate_Daily-scaled.jpg
www.news-star.com/wp-content/uploads/2023/01/ 56 KB
56 KB 316ms
315ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/01/SHW_Nameplate_Daily-scaled.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

68234bdd5e6c3a1697ac661488508e67a305b533b2010eb6d62ee1a1d1cba936

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 56963
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 24 Jan 2023 18:40:26 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63d0261a-de83"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Teacher-of-the-Year-300x250-revise.jpg
www.news-star.com/wp-content/uploads/2023/04/ 54 KB
55 KB 279ms
279ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/Teacher-of-the-Year-300x250-revise.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bfb31a9a54357a5189b69febe6c2bf42581a8c94220ca4d90d5efa7febe1f571

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 55292
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 04 Apr 2023 21:22:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "642c94f8-d7fc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SNS-Nurse-of-the-Month-300x250-1.jpg
www.news-star.com/wp-content/uploads/2023/04/ 44 KB
45 KB 301ms
300ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/SNS-Nurse-of-the-Month-300x250-1.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3a2feb24b56b82ab902175a0f2dac33c8959b6565ecbc82967cfb14c91b3ce0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 45451
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 Apr 2023 16:19:47 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "642d9fa3-b18b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jeg-empty.png
www.news-star.com/wp-content/themes/jnews/assets/img/ 70 B
763 B 277ms
277ms Image
image/png 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/themes/jnews/assets/img/jeg-empty.png

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 70
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 01:52:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "640fd347-46"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widgetLoader.js Show response
www.legacy.com/widgetloader/ 48 KB
17 KB 531ms
398ms Script
application/x-javascript 104.17.189.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legacy.com/widgetloader/widgetLoader.js?type=ROV1&ld=true&ot=1&cnt=4&sw=0&rc=0&aid=4506
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.189.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1ea16400c53948fa1d1085f256fb9eae337236bc98bc1d4ae95ddd166e827586

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 23:32:58 GMT
date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent, Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 7ba8f35fcc5b3644-FRA
content-length: 17465
x-ua-compatible: IE=edge

GET
H2 200 trxtwo.php Show response
japfg-trending-content.uc.r.appspot.com/ 12 KB
4 KB 211ms
132ms Script
text/html 2a00:1450:4001:829::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.uc.r.appspot.com/trxtwo.php?s=10254&v=1&q=4&i=21
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6fc2a0bea2cda2fcc7e53732f4cc0730e67278ce60df27bb46b24ea08e4ae2dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 161 KB
51 KB 50ms
11ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:05 GMT
server: AmazonS3
x-amz-request-id: 9QCJZ89EZRZQ7TQA
etag: "cd6ef508acd21fd90cc2de7163af0d41"
x-amz-server-side-encryption: AES256
x-hw: 1681947187.cds163.fr8.hn,1681947187.cds146.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 51622
x-amz-id-2: SjKFlDuiW9yISbxBO/UCsPMBBQQ7mXcTMuAkqw+rOZQirgLUWK7KzarNJchI0GJ6O4W0sQIvGM0=

GET
H2 200 toolbar.min.js Show response
www.news-star.com/wp-content/plugins/accessibility-toolbar/dist/ 523 KB
182 KB 188ms
188ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/accessibility-toolbar/dist/toolbar.min.js?ver=1.4.5

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a3024b9f4a8863af77a271745a863f6241c1724ba82c88ee694792de008b556a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 01:22:15 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fcc47-82c62"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.adrotate.clicktracker.js Show response
www.news-star.com/wp-content/plugins/adrotate/library/ 365 B
981 B 222ms
221ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 13 Mar 2023 23:37:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fb3a4-16d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
www.news-star.com/wp-includes/js/ 3 KB
2 KB 218ms
216ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/js/comment-reply.min.js?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:18:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"628e0271-ba5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hoverIntent.min.js Show response
www.news-star.com/wp-includes/js/ 1 KB
1 KB 238ms
237ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:18:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"628e0271-5db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
www.news-star.com/wp-includes/js/ 5 KB
2 KB 263ms
261ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:18:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"628e0271-15fd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.news-star.com/wp-content/themes/jnews/assets/dist/ 298 KB
86 KB 284ms
283ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

48b2d240737cceb970b7b3ef8b86aef31f321c9d51f0af1fa1f4c68544e5d498

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 01:52:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fd347-4a9ae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer_front.min.js Show response
www.news-star.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 161ms
161ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Mar 2023 02:09:29 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"640fd759-4e52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cr_dep_best_of_widget.js Show response
www.news-star.com/wp-content/plugins/cr-dep-best-of-wp-plugin//scripts/ 1 KB
1 KB 177ms
177ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/cr-dep-best-of-wp-plugin//scripts/cr_dep_best_of_widget.js?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e13491499f5b076127246b7d73d8a4e086307134f138d0bf66655bd26eacc7a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 09 Aug 2022 17:58:01 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62f2a029-4eb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.news-star.com/wp-includes/js/ 18 KB
6 KB 168ms
168ms Script
application/javascript 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:18:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"628e0271-48b9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
www.news-star.com/wp-content/plugins/paid-memberships-pro/css/ 86 B
800 B 159ms
159ms Stylesheet
text/css 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.6.6

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 10 Jun 2022 20:36:47 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62a3ab5f-56"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Apr 2023 22:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 00:11:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
48 KB 68ms
32ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KV4F27B

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7548c2065ae21660aea80c5c9fb4dbf15fd8bfa668d7574a5b34e038cc38c32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48761
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 22:47:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H/1.1 200
OK 17ECA56BF57B7243 Show response
publisher.etype.services/special-editons/ Frame 2992 4 KB
2 KB 624ms
132ms Document
text/html 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f1d839ec6de5b5f24e4bbefacfac47176219210c6b1493b7457a1b62079823ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 1441
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Apr 2023 23:33:07 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 red-blob.png
www.news-star.com/wp-content/uploads/2021/06/ 2 KB
3 KB 276ms
275ms Image
image/png 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2021/06/red-blob.png

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/wp-content/themes/jnews-child/dist/theme.min.css?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a4935d49528d0a5a6b2444b81c23246aac70cb7a9a7d64e2da2af33aac28611f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 2154
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:19:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "628e02a0-86a"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 grey-blob.png
www.news-star.com/wp-content/uploads/2021/06/ 5 KB
6 KB 312ms
312ms Image
image/png 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2021/06/grey-blob.png

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/wp-content/themes/jnews-child/dist/theme.min.css?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7d46496177f660fe1c4d3b3be0361fefa1a4fc87665736441f5234ea8ee9c762

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 4996
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 May 2022 10:19:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "628e02a0-1384"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 ADA-Compliant-Logo.png
web1.etypeservices.com/wp-content/uploads/2021/11/ 14 B
14 B 670ms
153ms Image
text/html 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web1.etypeservices.com/wp-content/uploads/2021/11/ADA-Compliant-Logo.png
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/wp-content/themes/jnews-child/dist/theme.min.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS: sagemt.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5316717f872a3b46022c0c6b37009e1a18df8809a0cd70a58d8c47fd97f9919c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "636661f9-e"
content-length: 14
content-type: text/html

GET
H2 200 fontawesome-webfont.woff2
www.news-star.com/wp-content/themes/jnews/assets/dist/font/ 75 KB
76 KB 285ms
284ms Font
application/octet-stream 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.news-star.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
last-modified: Tue, 14 Mar 2023 01:52:07 GMT
server: nginx/1.18.0 (Ubuntu)
referrer-policy: no-referrer
etag: "640fd347-12d68"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame BC12 677 B
541 B 21ms
20ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1145179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7ba8f35f4efe9b5b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 19 Apr 2023 23:33:07 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 34ms
23ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.news-star.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7ba8f35f58cb9177-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ 400 KB
124 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 22:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3400
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126857
x-xss-protection: 0
server: cafe
etag: 11988808581808118609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Apr 2024 22:36:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 890 B
418 B 78ms
48ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.news-star.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5567c5403ebe82f9cd64ced3aa8a275e568eb4954e0462e0c201d0544ab076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 21ms
21ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=564794089&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news-star.com%2F&ul=en-us&de=UTF-8&dt=Shawnee%20News-Star%20%E2%80%93%20Shawnee%20News-Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2053325749&gjid=1603857672&cid=1426471298.1681947187&tid=UA-214788847-40&_gid=1728648.1681947187&_r=1&_slc=1&z=137478080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

173ca12c53dbd825fa2484f65be9d4fe19c8018f07ecd1f9333e51abed034c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
932 B 85ms
27ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans|PT+Serif

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9d9c73303f3f01bf623e1a7f11a44b2d1a9c1c0ed263cbde30afbbc786e6fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 22:30:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZJBN7C7C5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e66712f5ef206abf93cc3fc6b5b2cba276ccf8db3b159cf70793f639d751b90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 92ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.news-star.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 68ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.news-star.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
690 B 157ms
157ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2468884115224766&correlator=3387430437798542&eid=31073320%2C31073884%2C31074032&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=21843165966%3A116205717%2CCherryRoad_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4239096872&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681947187543&lmt=1681947187&dlt=1681947186320&idt=1182&adxs=1157&adys=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.news-star.com%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=4&ohw=1600&ga_vid=1426471298.1681947187&ga_sid=1681947188&ga_hid=564794089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704e114e54b10c3d540803bd4d7ae85d8f8b6cf3f28e092fb7d4e19649edbc3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 660
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 84ms
83ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2468884115224766&correlator=3387430437798542&eid=31073320%2C31073884%2C31074032&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22655122517%2Cshawnee_h1_leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&ifi=2&adks=107520601&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681947187550&lmt=1681947187&dlt=1681947186320&idt=1182&adxs=143&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.news-star.com%2F&frm=20&vis=1&psz=1314x50&msz=1314x50&fws=4&ohw=1600&ga_vid=1426471298.1681947187&ga_sid=1681947188&ga_hid=564794089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc1f3360b946e8036a2c1043c8ef263954fc238a153773cd7b709780f391c479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13230
x-xss-protection: 0
google-lineitem-id: 6144514065
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138411003586
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 74ms
74ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2468884115224766&correlator=3387430437798542&eid=31073320%2C31073884%2C31074032&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22655122517%2Cshawnee_h3_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=3&adks=3919326643&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681947187553&lmt=1681947187&dlt=1681947186320&idt=1182&adxs=143&adys=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.news-star.com%2F&frm=20&vis=1&psz=299x250&msz=300x250&fws=4&ohw=1600&ga_vid=1426471298.1681947187&ga_sid=1681947188&ga_hid=564794089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2d12c137666d74f87b9ab3c779b4fac5eb51d9c1cf084a4dffc2f4fddba64d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13281
x-xss-protection: 0
google-lineitem-id: 5950877027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375537385
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 56ms
56ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2468884115224766&correlator=3387430437798542&eid=31073320%2C31073884%2C31074032&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22655122517%2Cshawnee_h2_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=4&adks=1671383788&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681947187556&lmt=1681947187&dlt=1681947186320&idt=1182&adxs=1157&adys=355&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.news-star.com%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=4&ohw=1600&ga_vid=1426471298.1681947187&ga_sid=1681947188&ga_hid=564794089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64e55dc5b89312f03ebd2518b510b5a35ce9cf9fed2040a615bc26db5ead101a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13181
x-xss-protection: 0
google-lineitem-id: 6227575876
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423938086
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 79ms
78ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2468884115224766&correlator=3387430437798542&eid=31073320%2C31073884%2C31074032&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22655122517%2Cshawnee_h4_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=5&adks=1085788507&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681947187558&lmt=1681947187&dlt=1681947186320&idt=1182&adxs=1157&adys=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.news-star.com%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=4&ohw=1600&ga_vid=1426471298.1681947187&ga_sid=1681947188&ga_hid=564794089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12be5269d1c647a670d6a50d937f69600e1081cf5a8296fcba0928871f4fa82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13200
x-xss-protection: 0
google-lineitem-id: 6123718440
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138406690031
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 64ms
64ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2468884115224766&correlator=3387430437798542&eid=31073320%2C31073884%2C31074032&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22655122517%2Cshawnee_ros_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x50%7C728x90&ifi=6&adks=718671891&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681947187561&lmt=1681947187&dlt=1681947186320&idt=1182&adxs=315&adys=2918&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.news-star.com%2F&frm=20&vis=1&psz=1600x50&msz=1600x50&fws=4&ohw=1600&ga_vid=1426471298.1681947187&ga_sid=1681947188&ga_hid=564794089&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f646842a87b1c04b83841a9b24b5c9c19ffb2008cb5333ebc364ae78bd38f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13227
x-xss-protection: 0
google-lineitem-id: 6142789644
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138414855460
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9848 6 KB
3 KB 85ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 23:33:07 GMT
expires: Thu, 18 Apr 2024 23:33:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zy5hk_6dlkr1fCHwdZgKoMXQJWhBwYXVMmY1NUX5CuGEZ1ifkmhHuBXYuctFK9rBOR0Ifq8_XzYiRJ7Lvm4cSehRQwNitCs=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 42 KB
42 KB 116ms
49ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zy5hk_6dlkr1fCHwdZgKoMXQJWhBwYXVMmY1NUX5CuGEZ1ifkmhHuBXYuctFK9rBOR0Ifq8_XzYiRJ7Lvm4cSehRQwNitCs=w450-h375-c-rj-l75

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb71fa34962dd68703df6691338fa645cf32299171e17c74be69c55812efbe3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42859
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Apr 2023 23:33:07 GMT

GET
H2 200 XxO8GpIQcgkWV58x8I1AfLHGUPze_MrecTf8CQ1lsrc2xJVLhdcYSMI-E4GM4QKntQuVSbrtrtVrmZUWvLzp0RvBiu6VAlcOQ0tnQGE=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 116ms
49ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/XxO8GpIQcgkWV58x8I1AfLHGUPze_MrecTf8CQ1lsrc2xJVLhdcYSMI-E4GM4QKntQuVSbrtrtVrmZUWvLzp0RvBiu6VAlcOQ0tnQGE=s42-p-rj-l68-e365

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a19a356741e542145b8c793af8228b24fe2a829d0c23c77c3c104b192c1c45bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:33:07 GMT

GET
H2 200 p1DPdj7YRTiDvQD_SyBE0nv_J1edy_yqqDB4eIHTze_elXKX5MtTV6-RxkZMHs25nmojrX1QXI4V_T1tf8POl197oHRus-YEGk4BmoKEMYs=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 29 KB
29 KB 82ms
15ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p1DPdj7YRTiDvQD_SyBE0nv_J1edy_yqqDB4eIHTze_elXKX5MtTV6-RxkZMHs25nmojrX1QXI4V_T1tf8POl197oHRus-YEGk4BmoKEMYs=w450-h375-c-rj-l75

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e75a9a7ddc551ab27abfa4c3c85970e42e5f2e7349afe651db1fda8912cc8929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:15:47 GMT
x-content-type-options: nosniff
age: 1040
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29866
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Apr 2023 23:15:47 GMT

GET
H2 200 MvVU7_IYqdKlL463c_t_iVRBl7E8opivTJAaZEFAkPRUwfZt91hEKlCA6mnfO24YsEnPRWFBqNa7pv4ww9UVWJSOyBN4HZw0cJv7NelXy1NHmHXIO1-8=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 82ms
15ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MvVU7_IYqdKlL463c_t_iVRBl7E8opivTJAaZEFAkPRUwfZt91hEKlCA6mnfO24YsEnPRWFBqNa7pv4ww9UVWJSOyBN4HZw0cJv7NelXy1NHmHXIO1-8=s42-p-rj-l68-e365

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

742f8b6353637386a4c7f07fffcb68f3200f560276bd69a24f1f604f05234f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:15:47 GMT
x-content-type-options: nosniff
age: 1040
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1172
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:15:47 GMT

GET
H2 200 YKrkSKNllbYDoJZAPwysvdIcSAUTEyadBscJSSHCoQgEwflBYwXAPaQonDTZleCLRm8BpooImKMtcX8Kb0FUftbGkxiB=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 57 KB
57 KB 95ms
28ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YKrkSKNllbYDoJZAPwysvdIcSAUTEyadBscJSSHCoQgEwflBYwXAPaQonDTZleCLRm8BpooImKMtcX8Kb0FUftbGkxiB=w450-h375-c-rj-l75

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

911d7e1d5185c15f5233f33d3eb6b1ebd2035f30c8c5eb6f86d7d52f0a1dfcea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 21:27:44 GMT
x-content-type-options: nosniff
age: 7523
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58315
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Apr 2023 21:27:44 GMT

GET
H2 200 U9nkRqeTI0fkuLOlpebxjG3jp5ED3rwwTx8iepWo3VfEyCGDKRr0V8ibPtNRXC19B2g1XNfEd4WOzXJgXBy8ocFh5RYgge31ah4SX8w=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 81ms
14ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/U9nkRqeTI0fkuLOlpebxjG3jp5ED3rwwTx8iepWo3VfEyCGDKRr0V8ibPtNRXC19B2g1XNfEd4WOzXJgXBy8ocFh5RYgge31ah4SX8w=s42-p-rj-l68-e365

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d04408d5ad5dd8169fec9d83452c699857c6a511da03ca28c57aa44869773ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 21:27:44 GMT
x-content-type-options: nosniff
age: 7523
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1156
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Thu, 18 Apr 2024 21:27:44 GMT

GET
H2 200 YZ9MH2wdlJdCYw83__WEwmWJNDdmDC-G1gxTRgzM9uRH676tU-vbYTf3Y-Rawash8vdXgAF_uHV2Z0sNg2KTbHcovY1TKpc=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 44 KB
44 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YZ9MH2wdlJdCYw83__WEwmWJNDdmDC-G1gxTRgzM9uRH676tU-vbYTf3Y-Rawash8vdXgAF_uHV2Z0sNg2KTbHcovY1TKpc=w450-h375-c-rj-l75

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c958b3ea583cf0a2e50ee6ad6e8ef42ddd4b8269d760492fbd6d6dcc956d51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 20:26:59 GMT
x-content-type-options: nosniff
age: 11168
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44577
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Apr 2023 20:26:59 GMT

GET
H2 200 4gffykdJl-LDj6JedsrqWqMnUtjA4ettukBlAIr1tIizpxQEFxmVGikaNUjgS0RbQxgGDH2rJEpNPKqLRGh42SMyQEm0S9BakYfmmk0=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 962 B
1 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4gffykdJl-LDj6JedsrqWqMnUtjA4ettukBlAIr1tIizpxQEFxmVGikaNUjgS0RbQxgGDH2rJEpNPKqLRGh42SMyQEm0S9BakYfmmk0=s42-p-rj-l68-e365

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

50c9201fab5a8a851d4a225b1fdb97338c461b2aaee7357c235f26dfa7126168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 20:26:59 GMT
x-content-type-options: nosniff
age: 11168
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 962
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Thu, 18 Apr 2024 20:26:59 GMT

GET
H2 200 sprite_icons_6dc7d94.png
www.justapinch.com/images/ 22 KB
22 KB 233ms
16ms Image
image/png 130.211.10.17
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news-star.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 12:39:33 GMT
via: 1.1 google
last-modified: Tue, 11 Apr 2023 14:42:56 GMT
server: nginx
age: 557614
x-who: gcloud-web-2
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22292
expires: Fri, 12 Apr 2024 12:39:33 GMT

GET
H2 200 jegicon.woff
www.news-star.com/wp-content/themes/jnews/assets/dist/font/ 7 KB
8 KB 153ms
152ms Font
application/font-woff 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news-star.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.news-star.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
last-modified: Tue, 14 Mar 2023 01:52:07 GMT
server: nginx/1.18.0 (Ubuntu)
referrer-policy: no-referrer
etag: "640fd347-1be8"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
content-length: 7144
x-xss-protection: 1; mode=block

GET
H2 200 04-17-03-262404_1.jpg
www.news-star.com/wp-content/uploads/2023/04/ 33 KB
34 KB 153ms
153ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/04-17-03-262404_1.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2abaa2f7540612cb9e838187f9ce81e7f6b86f44bedbb95dbc0ea05375808227

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 33690
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 17 Apr 2023 15:08:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "643d60dc-839a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04-17-05-262562_1.jpg
www.news-star.com/wp-content/uploads/2023/04/ 70 KB
71 KB 153ms
152ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/04-17-05-262562_1.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

acd2d49d3d35234b751a11a6f6058bc7a7b583d9ae90a4558abe5c20eb358971

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 71698
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 17 Apr 2023 17:38:13 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "643d8405-11812"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04-12-02-259138_1-750x394.jpg
www.news-star.com/wp-content/uploads/2023/04/ 45 KB
46 KB 154ms
154ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/04-12-02-259138_1-750x394.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7353f38aea7531cf75b6956444c88ad39ef2a01de31d30c39322a5c084c034db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 46457
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 12 Apr 2023 14:03:11 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6436ba1f-b579"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04-13-06-261913_1-500x344.jpg
www.news-star.com/wp-content/uploads/2023/04/ 51 KB
52 KB 156ms
155ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/04-13-06-261913_1-500x344.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

79667d73e01957bf9a1ec39fa698272189513be7f0fecad9ebb19d3dca73a684

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 52726
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 13 Apr 2023 18:23:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64384890-cdf6"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04-17-01-262419_1.jpg
www.news-star.com/wp-content/uploads/2023/04/ 5 KB
6 KB 152ms
152ms Image
image/jpeg 66.148.122.12
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news-star.com/wp-content/uploads/2023/04/04-17-01-262419_1.jpg

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.148.122.12 Seattle, United States, ASN14361 (HOPONE-GLOBAL, US),

Reverse DNS

sagemt.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8ed644a7ac423794f1438a7852f4c91d6a49a34715f00a0b070bc2fa65b98daf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=5184000
content-length: 5502
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 17 Apr 2023 13:48:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "643d4e16-157e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
permissions-policy: accelerometer=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(), usb=()
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JZJBN7C7C5&gtm=45je34c0&_p=564794089&cid=1426471298.1681947187&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=1&sid=1681947187&sct=1&seg=0&dl=https%3A%2F%2Fwww.news-star.com%2F&dt=Shawnee%20News-Star%20%E2%80%93%20Shawnee%20News-Star&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZJBN7C7C5&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF0C 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdny-vg4NLFljFV-1PCb_G_Uxw3JPMpraJGFy3wk6oPueLP68dY6G5K5rn7dfrh165I67ukyTQru6ItZtJz8xczsiiqeWIl_I1Usun69z6piowlDbUtE8mioiCMuT1FJ_x9W3YELv_0VgAFqrhaNV_pISOIIYj4ds6tYOqkAUFAVT6PwJjn4_JQq9s1mq3ic8j7_KHUvzd8tVOL8IRojfn7vOfQMgTOO5XRPgkn9vuqb_p4xXiyjBhRH1_P7fcCW4Y8Rg_lv2ixKS_EGVgM5343AOE5KtlnyovsuEfY41chZncOB18V7L_oAMILSPGIX-GLLElIWWrEjeG8g&sai=AMfl-YS8YUyhR1B6KB272zmKh63f8Qabl1YhQhLwjgga0tlz72uxD1toVYmbFuhqoKQg0V-MGd7_oeKZfr8JWXOGIiNSfOaKcsP5oXpdii4pEzeRIB2DlOuxg4E2BUMTOIjrZW8zW8SkLhRQk02b5nKn&sig=Cg0ArKJSzJrKRdnO4RsZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame BF0C 3 KB
2 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 18:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF0C 159 KB
49 KB 92ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 9576717907167784445
tpc.googlesyndication.com/simgad/ Frame BF0C 107 KB
107 KB 169ms
118ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9576717907167784445

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cea4563c715980dcdc3270e88fe6c3bf9e968679e2e937853073d73d9bd16ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109640
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 22:48:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Apr 2024 23:33:07 GMT

GET
DATA 200
OK truncated
/ Frame BF0C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b757a0dee6c422633be4a50591ef9b24d0d784ef79308f547bbe7c58211d03bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E66D 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszIxEllOa7dYb6PjLl1UGYI2u9akKnMQcO1cT69uN3PB7g0xjJ9OtlxUWIHrvEazmiMJQgQQ2hT1G3URD39DcMehuL8Nn3ewNOkjoIN-vTnJCQ7Scqa9s_LUNTrDZbPhne_K5mPdTAm75qb0gibFWWHuWDrdZ59rbxnORWHa_DM7HkgwA45zNB-buLzDYWvptZlrFdO2GukGH2UOGSXd-oXimHZAnHvNmA2muSYgqW48lXqf3WxrJarw0JpDGRXjOaki4MNXZyGVj8wHW2JY4wnavPANVxKdndzCdoipDIks3x80xlfoq0MRwCPW3ie6CDXTkrGYxpmd0&sai=AMfl-YSzs-vscbMoes1FsmYn9IV3qMRPOKmo1_xTY_pSAWIyCVdhazzNfvRumfuA-ne49Ynncq2nu3vuwq-wuivHOfOiywRDS9FAZHLQNnDPMwUhrEXap4zvbyper6OCyw9c4r1L_tdH5ylgz1SjQ2I&sig=Cg0ArKJSzE7O8sEZET_DEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E66D 3 KB
1 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 18:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E66D 159 KB
49 KB 120ms
78ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 17099934414290107396
tpc.googlesyndication.com/simgad/ Frame E66D 272 KB
273 KB 65ms
52ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17099934414290107396

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4a1a351a1fb887cb118f334763ba492b4a604f4d7a56b41dc7596a940f0bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 12:42:46 GMT
x-content-type-options: nosniff
age: 125421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278891
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 18:15:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 12:42:46 GMT

GET
H/1.1 200
OK bootstrap.min.css
publisher.etype.services/assets/global/plugin/bootstrap/css/ Frame 2992 118 KB
19 KB 128ms
127ms Stylesheet
text/css 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/assets/global/plugin/bootstrap/css/bootstrap.min.css
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 07:42:46 GMT
Server: Microsoft-IIS/10.0
ETag: "05f8ba02227d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 19629

GET
H/1.1 200
OK jquery.bxslider.css
publisher.etype.services/assets/global/plugin/bxslider/css/ Frame 2992 5 KB
1 KB 128ms
127ms Stylesheet
text/css 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/assets/global/plugin/bxslider/css/jquery.bxslider.css
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 894011cff758a43f1db57b26424ea2befcdc85b25e09c91e139040a22cb10e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 07:43:55 GMT
Server: Microsoft-IIS/10.0
ETag: "80efabc92227d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1213

GET
H/1.1 200
OK jquery.min.js Show response
publisher.etype.services/assets/global/plugin/ Frame 2992 95 KB
33 KB 258ms
128ms Script
application/x-javascript 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 07:41:43 GMT
Server: Microsoft-IIS/10.0
ETag: "8055fe7a2227d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 33844

GET
H/1.1 200
OK bootstrap.min.js Show response
publisher.etype.services/assets/global/plugin/bootstrap/js/ Frame 2992 36 KB
10 KB 380ms
130ms Script
application/x-javascript 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/assets/global/plugin/bootstrap/js/bootstrap.min.js
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 07:42:55 GMT
Server: Microsoft-IIS/10.0
ETag: "80a9e8a52227d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 9839

GET
H/1.1 200
OK jquery.bxslider.js Show response
publisher.etype.services/assets/global/plugin/bxslider/js/ Frame 2992 64 KB
14 KB 380ms
128ms Script
application/x-javascript 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/assets/global/plugin/bxslider/js/jquery.bxslider.js
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3f84897d884f47f9c98b1656962479b41fde99934e6a3abae8128995b7d81f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 07:44:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0e0a6cc2227d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 14163

GET
H/1.1 200
OK js_Common.js Show response
publisher.etype.services/Scripts/ Frame 2992 24 KB
6 KB 395ms
138ms Script
application/x-javascript 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/Scripts/js_Common.js
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 38587d14ecdbee0b173c6773618ab712a02d30f4e8effa50d4ce23dbdafb2cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 13:38:40 GMT
Server: Microsoft-IIS/10.0
ETag: "0f0d87cf93ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 6307

GET
H/1.1 200
OK js_SpecialSectionWidget.js Show response
publisher.etype.services/Scripts/ Frame 2992 8 KB
2 KB 394ms
127ms Script
application/x-javascript 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/Scripts/js_SpecialSectionWidget.js
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b637638d704015822114b8c9c1f726b106517e106b5fca956dcf4ea3148126ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 13:38:49 GMT
Server: Microsoft-IIS/10.0
ETag: "803a3682f93ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1206

GET
H/1.1 200
OK common.ashx Show response
publisher.etype.services/ajax/ Frame 2992 3 KB
2 KB 396ms
129ms Script
text/plain 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/ajax/common.ashx
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d9788f957a0264a11cf4beeac5436e49aa2b908d80c60bcf6681a4e4e8113318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Cache-Control: private
Content-Length: 1354
Expires: Wed, 19 Apr 2023 23:34:08 GMT

GET
H/1.1 200
OK eTypeWebsite.SpecialSectionWidget,eTypeWebsite.ashx Show response
publisher.etype.services/ajax/ Frame 2992 3 KB
2 KB 508ms
127ms Script
text/plain 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/ajax/eTypeWebsite.SpecialSectionWidget,eTypeWebsite.ashx
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/special-editons/17ECA56BF57B7243
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6347309453f94375e038094fca0441218e992441dfb54ed0fbc4a047d45db22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Cache-Control: private
Content-Length: 1339
Expires: Wed, 19 Apr 2023 23:33:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 37D4 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCPyXLJvJ0tIKn2amtNhbmNyCDSZcyx7s874xOncob74P2p5bd2Qg5zGA6FqumK26CBGUqRM3_QX0IPzfPGAvAvNQwP_kKUruwcuc5bMncRbEoL8UCPIKVhwp8b-IMTLxPNTqvh3zSeK2d_nLtZPHJJ-RAEizKY3rztXwwWCBJY1sV01POHwUjq82lkrVo2KMskkhj7yJMoBRlH8rG-u2iKC4VMNPAo0uKovsxfkExZ6CmMau1PRROCMW0RZ1e5Zb0GKjBvaD2FX8dJsjkGjsodj7JSMBSzgA2znUY4Fhiv4GGHSNefeY1f-aBg3eL7PXhDRWJVMYnFg&sai=AMfl-YSM8o1U7yVGLlwtQE5d3Oyz_Vgi49IKPz4HSMe6o5G_WY4OFEvOdujtDXTNVjwGzL0Agx2s2uiKbJAX1Sn7C2vd4iZQ58qZqv37YShWf7wrrODqzO6r7xkXVzvmz0Su1K4&sig=Cg0ArKJSzI7kqyCSJfgjEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 37D4 3 KB
1 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 18:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37D4 159 KB
49 KB 80ms
62ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 1238843511883909433
tpc.googlesyndication.com/simgad/ Frame 37D4 50 KB
50 KB 29ms
16ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1238843511883909433

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b808d20a01170f042d1d5dca1f9fced55f903f08d82a7bdc6ab4aefc3c5bb5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:13:14 GMT
x-content-type-options: nosniff
age: 443993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50939
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 16:11:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 20:13:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 37D4 0
0 84ms
24ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrQcLYumA626nHepTAq4NYVbniolBwoVaEKu3SyHDX8vTH5uOo8ec1sWLBkTlR1EXeEYmqVO8sbn663j2ZgY_2-GTBhA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame E66D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d78ccfcc7808614d9f6dec910d68b156eff47813aa843603bf7dc17e0b2381d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 37D4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71a694292b2eacfe4de8fcd9ac5fdbc39299c0deb51f90632160e3ec1fbc7455

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEEB 0
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV4eBEvuL_w6BlkZjY6F7OR1XuO6DrqHKRiV8-F8xoKWQrCdUJeE9iZ7iOUrgaBNlRHU5TtI8YZ5h1Aq4c0rSvK484xv-tXXqJt9LXtV_vvBytSSGx6ni5vzAeqeZqr5Zrbx0YKcc6qNyay0zCadGy6lteyAx1a4yygnOUfw302P8G1gLhfFkr_NCBosoWIWPpi42o8eNQpWHaAOUdIkV-6nLezWYRjKzWP5f-7TtRE0ocsM3XlfgdFNo8EEpTlX0Eq6kWxxJD4vWj8caiaWQBkFOU59OeVAJGVAs42gWF15m7IedMHZo-jwSjSDuYOkE2mgXP7yJr-w&sai=AMfl-YTQfn3KOODiJOtZB5z323JUgY77qrvfZdrg819uS8MvlD85YbvMCSiF7DFHqWJ2rneGPgCxPaYZhDwjtXR2ZCB3nLuaCcn-rgrBAzJCA4y-IhtxVsYXBQsQ8cSziUFfFGT7mKbAVKvSikg5kHY&sig=Cg0ArKJSzJbcSewZjUu0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame DEEB 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 18:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEEB 159 KB
49 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 13788203139080719904
tpc.googlesyndication.com/simgad/ Frame DEEB 72 KB
72 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13788203139080719904

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee35c2f04d0b8bf3a32e8102128ffe1d827c962666cc8352ccef83477f570c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:48:20 GMT
x-content-type-options: nosniff
age: 74687
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73283
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:50:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Apr 2024 02:48:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2C1 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYbrNFBVDpFlf0ag8rtinBPhYvHN3bWbV-Ehqfb27Rr3BmQxS2siJs56ZPaqdT00-NYFs-wNu1qPG_BOBk9Am9za7NymbKZlDCHhlsqkEaPiFSLYM-m7DbF6W8qgzc8ueOX_EWjBxo0xHSavN5U42IGZ3JIqvTSiZmzhA7KInmGiUMLpcqWjyXT7iwR1DCRW9fq5wQfsPmRJ-4udeTya1hnvfr6OJb77KjkknVALXzlB5wdAdmS_GssSVqZeTHSKvLlATsrsCq5y5dAR6WzN0VmCM2arN_xlYI9aQlUvLUgcVcTjlzuLL8JU9GJKbxVPMWeLSeSE0D2ZbhzVv5&sai=AMfl-YTXc7Ivah9263EoSN9iAyc173IIuO7-gvsixQwTnjeId4ZdggztpxnW6NRkF90M8DIChNUDD42xPvYUA1yMn5ihNU8xCDjURm_879Pm7hgQgDbX18RnvtFQ9AB8-hpaVio-ZKvBZy61c1uw4y7F&sig=Cg0ArKJSzJEelrjiTrzcEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame F2C1 3 KB
1 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 18:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2C1 159 KB
49 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H2 200 5001094306429769400
tpc.googlesyndication.com/simgad/ Frame F2C1 14 KB
14 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5001094306429769400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c169e91e4593c5a08e3ed9c64cca4dd4a5d16b9f3c4e40be881dda25e40514eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 07:09:57 GMT
x-content-type-options: nosniff
age: 145390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14381
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 17:31:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 07:09:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
851 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700%7CQuattrocento

Requested by

Host: www.legacy.com
URL: https://www.legacy.com/widgetloader/widgetLoader.js?type=ROV1&ld=true&ot=1&cnt=4&sw=0&rc=0&aid=4506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77f1a877bb9db6390e51f4955c0c2c6cdc526fc72e10e71704a458337a84f6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 23:33:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET 4506
www.legacy.com/api/v1/affiliates/recentobituaries/ 0
0

GET
DATA 200
OK truncated
/ Frame DEEB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10876ad6dbebeba44dc403c0808dde6863a3996f9030609b313c53c13a23799

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F2C1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2925c2fd78a8545613e05e65a62920991b7697337d7df6dd7f298298c314c3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 202
Accepted event Show response
analytics.cherryroad.com/api/ 2 B
356 B 359ms
166ms XHR
text/plain 207.228.225.157
HOPONE-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.cherryroad.com/api/event
Requested by: Host: analytics.cherryroad.com
URL: https://analytics.cherryroad.com/js/plausible.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.228.225.157 Ashburn, United States, ASN14361 (HOPONE-GLOBAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Server: nginx
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2
x-request-id: F1d6DmDTTXEcOJoAvXkR

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 210 KB
65 KB 52ms
8ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=43112
accept-ranges: bytes
content-length: 65523
expires: Thu, 20 Apr 2023 11:31:39 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 71ms
31ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700%7CQuattrocento

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news-star.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:18 GMT
x-content-type-options: nosniff
age: 133309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:18 GMT

GET
H2 200 OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2
fonts.gstatic.com/s/quattrocento/v17/ 35 KB
36 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700%7CQuattrocento

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news-star.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 02:07:56 GMT
x-content-type-options: nosniff
age: 595511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35872
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 02:07:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 37D4 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1O7Tus0N1bbNlgcdzWWetgb6EB5x2XPgqNGlqCXY13FNxvQGJird5cO3gXBlngfvg7p376Jvw9Psm6Xujb9bsLiyk3CUb4xbkr_BLnTIzqzircSBV4uxGdkeJhfzIh4keD7smxfYd39ih9W-R7KA1s2aJwPOX6cJdEf2wQtHJZsLKr1EBnAXilWjrm3RJRh-O-SochYyacEQL75HcqNa09XLg_TzKsut-22rBd0kCVM9pHDnGKvp9jyFI7A4Iy7DJFeACYd1hw7eiwGzTm7Dmj8Sfcyt-WFyrd7ODi4UbeMRvtT3Zc10sDEt8BBfYKNJK7FmVzc7vHZ-C&sai=AMfl-YQ_R7GnLSsABphxU4iN_cOZtSq-vwU-Imv3B9YRcG9USXNF_ej8D9BBgcAwuGMm52pooSjopsfBDTpnbvx9VEpMvnsmuNsquodsfxs5VGPGGrkqb-WVZ5eHpRqFIPgoB10&sig=Cg0ArKJSzB8wwtWOnoCtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEEB 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkBV6xxkpDHDsbjW_Bbt7hxZaGejT8gKSvaeJ-gokYTBzZah7OlyZp6TSc6x_1GJK5anI0EDYZZ5EYUb2yZKBHgk4_RlsuS55LLT-S-7EK7CEjovEybOKOlTcWGJ3zDsywlsZiXiI8ZKokR4SQz-LcZvP52XaoXWG31pzpx6PgkDTibtkJDpWrsU8PPrQlVneNqY2Zbo93lnvTO4712j5pyz56L6NJjC5xGikVPuLAj6maK7fJoHcdyyl2cg2oCd78MHjjHY5KD7hTelCU1xUWW7riw8RJuEZVZREMG5-IVgk3fUcjSkJDO0gGylKtQnnFaeG8rifH0TBz&sai=AMfl-YT43lXtb86wLwNTd4PVEyQJLi0bqwCPJ70BvbP_BO_fnhGSamAUlffnugtjVAlB4ecSsIW8rWGKwtmMQCElJVEvZizDdaasShnApHosupYFgWIVGdMHOrZb25iegWHqGIff4acAjRVZneVaDwc&sig=Cg0ArKJSzAzNz9x3GMHaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E66D 0
0 55ms
54ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqT6uPspz1JKkmtJ6n1mYheQlYZkfar7W8d3A3pluqJ8PwV_0tsk7r8vVLkgUVzTIHiFKf-ESLoh_470Tjmk0Vusq-TcR0TRBOAz7rH2p-_oIkp1ayyk5HAJC3l4fOwERrpgxgPi3hnFA5YaPKoPPJNZ8Ck4eEcVMypeeIaHOUBgWUxjC4m5_aAcxFpOCIdaftDkg6HYUbOwUa6Z5hsTz4pXNekqo6NLsV4IRvmH9C6oWRVe41aEeHqQZDhAbJRIOHTElZM8VNgtWHu6kTvBfJVhSOwysNBCBvbiuF3VHzRfpqVRznx9LYkiKRiyYJcOMnehtY9EFJhLoqug&sai=AMfl-YQM40ilLhfYqLVnw_BFvq-yRJJYuMAUoMLRfy-KjaM9DvZRAQV-8Rd4FpRKG6PGi419MXjjOfg3_cD8-LaGdu8MUelxFPjm7F3BKmQ0M1_W1X9CziEXhiOrGEIC-jvBuZa0B_M3AbH3FHB6aQk&sig=Cg0ArKJSzJXchy3YVoNwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2C1 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOFrbRfmkcdWBcYgqf1Ued2pAF6ynZzUGzbHb8xGC_DYDi42q-CDUjWw6AXB1tS5kykePtG4HAHgo7c1NS1hoRjFPG_uBXpO1p-inekfDoeZX8AQwQ4Ruy9wdQDQX7i_lkm_PeDDO8Zujh32k2RZhi40-S_BWUUeoQEL7dWRiH8dgfmRuyfHh-NIjdTqfYVtljiQbYOvIitu-NI6wjKekrqxmOOELmrB2fwl_TDKhW53e2lBVLf7ckWy-8h5S2v40NIGr294ZvDWxHUPhTemuBzX2g2x-O8GgAMUfaBVQDcEhw0v1u1LOYCFFozBk-bOCamVpoEF87XGNA7txgF-M&sai=AMfl-YTmjryuQsUgqIl3STTdFmPPrFjgVYnI48utcOBoGFC-Z6DPntZ3xonEwg49NLw6x2keJM-6MN52wgg3MZLxeUOsopsfcNeP4oG3nabnMVRVM6nrbusPvsv5VNUnmdMLc3h0L5fvrIKvLRNLGPd9&sig=Cg0ArKJSzLr2b6JqRXfLEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF0C 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_TZXlo5ORzFMpJj2Z3DRKTNFce9ceWjRg_Uuc1Lq36QTxOsNvVuc9L0_fT3tQ1OAU8s4e-tY9E6g-cjtMNT8pxasmlaPxbaZcaMQW99js5xn4KUovuaCyZBNbCQZ_uWJJM2Zjn7CQZt1nW9L-pBQbFByTeZI5cZ-dlYALkPoVxDsyDYNNFXfvJP9aXN6BdYwRKbYcjx4BTy_XYKulKzxLrXOSPy8kvy_m9EsZFrOM5jbPrnyS2valsCRq2MjrHQ-rJBi_AocwP46jJNu8nxl5IOXyJpt2maTWWkl4xDepxcVDVickpsgj10I0ABN0xTscRMR2u9QK9Mq0efRV&sai=AMfl-YRA5D2wrywJh43aJKALlMjcaowKb1p3bqRErI4zlyr5Hjtz18SnqyYfr3yoT7Pbfe-EMba2Vc-eEJXV7kchItEUY9zDOl0USbsC1r8RXnitmUvyeo-ZOLcruNz26NevM4kZsTpS3LrDTUVzR2vR&sig=Cg0ArKJSzNXmupQPvAbrEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 23:33:08 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
299 B 146ms
53ms Fetch
text/html 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=276360

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-99-213.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 23
content-length: 52

GET
H2 204 sync
trends.revcontent.com/ 0
0 132ms
40ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.news-star.com
date: Wed, 19 Apr 2023 23:33:08 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 12 KB
7 KB 143ms
143ms Fetch
application/json 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=276360&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.news-star.com%2F&icr_url=&va=0&time=1681947188176&up=pc&bn=chrome&bv=112&widget_width=1314&style_id=0&idhub[pubcid]=82d3760e-e910-49d8-a723-11a41cfa6bb6&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-99-213.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

6f14b91b14c4637a27cb6b6173683cb02c0244fd40c6025d2bfbe50722c6ec33

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news-star.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 112

POST
H/1.1 200
OK eTypeWebsite.SpecialSectionWidget,eTypeWebsite.ashx Show response
publisher.etype.services/ajax/ Frame 2992 7 KB
2 KB 223ms
223ms XHR
text/html 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/ajax/eTypeWebsite.SpecialSectionWidget,eTypeWebsite.ashx?_method=GetSpecialEditionList&_session=rw
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/ajax/common.ashx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b387236b9d741df5f1011ecbbc45bf92f3ba7bbb5671531d34c33562684113af

Request headers

Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 1559
Expires: Wed, 19 Apr 2023 23:33:08 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 111ms
63ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69647234c8d375daf4e6dd3f1e77696130b93de45c0e0782f532072f0db6b84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11236
x-xss-protection: 0

GET
H2 200 tcx-ping.php Show response
japfg-trending-content.appspot.com/ 201 B
282 B 516ms
467ms Script
text/html 2a00:1450:4001:813::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10254&t=Shawnee%20News-Star%20%E2%80%93%20Shawnee%20News-Star&h=www.news-star.com&p=%2F&w=2&a=ldgr4--ldgr9&_debug=1
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: a1fdff4f56776081bad6c396fe97e047efbc2614f46c75de306ddf0ae6a59de7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 112ms
43ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-99-213.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://www.news-star.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7

GET
H2 200 brandWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 65 KB
17 KB 19ms
19ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 83f2f162f1f1fd6ca3bfe7bd1898836ecaa17998ad6c7aef61574aeed93d7066

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:06 GMT
server: AmazonS3
x-amz-request-id: 9QCNF1ZB8H7BMTZ7
etag: "616105096e8e3f19c2d714ea283fa7c6"
x-amz-server-side-encryption: AES256
x-hw: 1681947188.cds163.fr8.hn,1681947188.cds327.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 16999
x-amz-id-2: eHXPvAs19mVeDwDqS7+cZ+wFCvumhntRMQz5Mc8i3prWrQnkgJXP7d/Ra7CYadFAt7lRGejzDPhUDc0DF6Cr38ghvTWOCXRH8R72glFup1Y=

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 23 KB
7 KB 19ms
19ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: ceb731414616837d5947ccd22c0f009ddc9cc7b4730a4932f9debde250e9c471

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:09 GMT
server: AmazonS3
x-amz-request-id: 9QCGKY52RGCAFFHH
etag: "9e580ab6dfd6f2042f90670df9f979b9"
x-amz-server-side-encryption: AES256
x-hw: 1681947188.cds163.fr8.hn,1681947188.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 7092
x-amz-id-2: WRgNXgs3YvX/5PAtiD4ldJ+Hwg2mZQhizWnvHCn71uuf/Du9aKNlM0GRfT4sEX1lP1vg98OJSI8=

GET
H2 200 feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
9 KB 23ms
23ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 40151d802d9a94b8b02f5e3a46e99997ef5a258e808a811c0b6d982e6d0d6668

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:07 GMT
server: AmazonS3
x-amz-request-id: RZS4Z6XBSGDHFYW0
etag: "a7d4bc4637b9f5ecf8384512c8e19a27"
x-amz-server-side-encryption: AES256
x-hw: 1681947188.cds163.fr8.hn,1681947188.cds266.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 9188
x-amz-id-2: 2zVQg7Noh6Vj1hvFP+0nTpIbD41QkEhln9aD+8SgF6lz/k2dGhMYfo9ckiMbQiPOfYLcl0R+Pcc=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 21ms
21ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e3b51420d0d2ec905c232e07b8c28926305a18268dbc98e5134b0d172e0f340c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:06 GMT
server: AmazonS3
x-amz-request-id: 9QCW6D1QXRBQ1VH2
etag: "4edf14e0d4b88a88795237f9870e408b"
x-amz-server-side-encryption: AES256
x-hw: 1681947188.cds163.fr8.hn,1681947188.cds002.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 1666
x-amz-id-2: 5xFdIO9/zv5tPcN/Uw4zL+6+g2PU/LL/DraxUi/2Hpzr265g3mhg9SqNPO2TRwoI1rDuhcHWevo=

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 439 KB
140 KB 57ms
9ms Script
application/javascript 2600:9000:20eb:4e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95c31562dc3b3fc49d6c2f9ac9e1c28ca60ed70c27aae32fac27dde4d4f1c955

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 21:28:39 GMT
Content-Encoding: br
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Age: 7469
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 19 Apr 2023 21:28:39 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: rK7KRYK2-scVZxYPo_jr3FfwoPOn4r8GU4LRr2RE9R88qloJjnC-YQ==
Expires: Thu, 20 Apr 2023 21:28:39 GMT

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 51ms
11ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1681947188.cds126.fr8.hn,1681947188.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 23:33:08 GMT

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 2 KB
2 KB 47ms
10ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
last-modified: Wed, 12 Apr 2023 19:12:49 GMT
etag: "1681326769"
x-hw: 1681947188.cds326.fr8.hn,1681947188.cds337.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=17
accept-ranges: bytes
content-length: 2091

GET
H2 200 63c6a3bfd15776-05990272.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
12 KB 54ms
15ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63c6a3bfd15776-05990272.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

1712db2ac9948f052b629d35a83530960b4f24075b69c2a8b3f7323697f20235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news-star.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=3;cpu=1;start=2023-01-17T17:21:17.621Z;desc=hit,rtt;dur=0
content-length: 11699
x-request-id: 35b81a8080cd96feaf3c17b9ea1ea9b9
last-modified: Tue, 17 Jan 2023 13:36:23 GMT
server: Cloudinary
etag: "fba682e55e5aa4ce3c38c5e14920b5b2"
x-hw: 1681947188.cds223.fr8.hn,1681947188.cds246.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6000947dbf7ae1-76938827.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 51ms
15ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6000947dbf7ae1-76938827.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

d01e47bb8834a14c76103f00ca2a152e044aaf4a352d94862c6ab459d1e3ff57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news-star.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=174;start=2023-04-13T22:38:13.092Z;desc=miss,rtt;dur=10;cloudinary;dur=54;start=2023-04-13T22:38:13.160Z
content-length: 11345
last-modified: Thu, 11 Nov 2021 18:46:01 GMT
server: cloudflare
etag: "e0dee9f576f817adc4fdc714cfdb8c6b"
x-hw: 1681947188.cds223.fr8.hn,1681947188.cds259.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7b7732b3cdd5b33c-PRG
timing-allow-origin: *

GET
H2 200 6a481d08173f52d6f1d2fc21492d7e81.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 13 KB
14 KB 53ms
20ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6a481d08173f52d6f1d2fc21492d7e81.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

6f6264f04d843c514e8b7a830c18a6ac059bf15f500ea1b8d37a619e84e71f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news-star.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 17:50:51 GMT
server: Cloudinary
etag: "a36491d720b1a3019f083c4e3889349e"
x-hw: 1681947188.cds223.fr8.hn,1681947188.cds213.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=0;start=2022-12-07T17:52:23.287Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 13679

GET
H2 200 642e949d2ccb44-11238038.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 52ms
22ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/642e949d2ccb44-11238038.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

f9d46ca57e0b35c07ed7c77f780f2c4dc9076c6aec6cf4a7a2c3c28ea5ff8fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news-star.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=143;start=2023-04-07T21:20:59.411Z;desc=miss,rtt;dur=1;cloudinary;dur=38;start=2023-04-07T21:20:59.468Z
content-length: 10818
last-modified: Fri, 07 Apr 2023 21:17:43 GMT
server: cloudflare
etag: "c6d7256ceac2331c49734419c8c1fd94"
x-hw: 1681947188.cds223.fr8.hn,1681947188.cds280.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7b45515349eb9a2d-FRA
timing-allow-origin: *

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF4F 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 18:52:59 GMT
expires: Thu, 18 Apr 2024 18:52:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 71C2 783 B
999 B 25ms
24ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

233696a35bae0b239911dab07d77ee042651199052127cd5dceae5ada3752909

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WvM2HEXY1IfMRI_-OnMogQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-WvM2HEXY1IfMRI_-OnMogQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 23:33:08 GMT
expires: Wed, 19 Apr 2023 23:33:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame CF4F 36 KB
14 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:55:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 15:55:36 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
720 B 532ms
138ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=HmbZuMMqgDZlFOkZSOJqSUiBZhYMXKeR-FE7fPshldVrrKDQa03zCEUzB-E0zJPcRkYlXjPw==&pm_ct=9422abf0c38ce1dcd8822846&pm_pl=1681947188517&pm_td=11&pid=1000177&en=1.1&callback=__pm_glbl_dwe9OCWOuDwDy80BMFLUzq9E._gc1&tt=opt&v=5b851bf
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e8a2b59ba6284dd0b365349f4587e5cd1fa5dd4e9d3dd246bd4f562e0af26d2a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 19 Apr 2023 23:33:08 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.news-star.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 68FC 46 KB
16 KB 9ms
9ms Document
text/html 2600:9000:20eb:4e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=5b851bf&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6198906618e16d690a96c26c2b84c2f3f1914b5378934bbb0e98571bf7d2ef2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7470
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Apr 2023 21:28:38 GMT
Last-Modified: Wed, 19 Apr 2023 20:57:14 GMT
Transfer-Encoding: chunked
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zlHsA7eD6xo9DCwfCf_26HomSVsoDXO74qUsOc2zz9VSeV70tgQmfg==
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront

POST
H/1.1 200
OK eTypeWebsite.SpecialSectionWidget,eTypeWebsite.ashx Show response
publisher.etype.services/ajax/ Frame 2992 247 B
594 B 153ms
153ms XHR
text/html 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher.etype.services/ajax/eTypeWebsite.SpecialSectionWidget,eTypeWebsite.ashx?_method=GetPubSpecSecWidConfigOnPublicationId&_session=rw
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/ajax/common.ashx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a44b1d47983a8562bab76664d05f8800b11ee06e0a0a3aaae142ec8c89c0edeb

Request headers

Referer: https://publisher.etype.services/special-editons/17ECA56BF57B7243
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 286
Expires: Wed, 19 Apr 2023 23:33:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 71C2 0
0 48ms
48ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304170101&jk=2468884115224766&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 68FC 0
563 B 10ms
9ms XHR
text/html 2600:9000:20eb:4e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=5b851bf&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=5b851bf&pid=1000177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?v=5b851bf&pid=1000177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 21:28:38 GMT
Content-Encoding: gzip
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Apr 2023 20:57:14 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 7470
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: fmjXZ5U1u6Jx3kohufnrFk5HmzCgcPijPtwtDu8mHreOyWwCdMyRTw==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CF4F 0
10 B 16ms
16ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ks2HyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK bx_loader.gif
publisher.etype.services/assets/global/plugin/bxslider/images/ Frame 2992 8 KB
9 KB 125ms
125ms Image
image/gif 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publisher.etype.services/assets/global/plugin/bxslider/images/bx_loader.gif
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/bxslider/css/jquery.bxslider.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/assets/global/plugin/bxslider/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:08 GMT
Last-Modified: Fri, 13 Jan 2023 07:43:56 GMT
Server: Microsoft-IIS/10.0
ETag: "c6fe93ca2227d91:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 8581

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-08-26/299752/ Frame 2992 160 KB
161 KB 595ms
129ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-08-26/299752/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 981cbb443b687a8a75cd46f5ba465b14f93288ede3ad28e40510397a69b00e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:08 GMT
Last-Modified: Fri, 26 Aug 2022 23:23:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DA87B9F0753798
Content-Type: .jpg
x-ms-request-id: 29017010-a01e-0051-1b17-73d8be000000
x-ms-version: 2009-09-19
Content-Length: 164026

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-11-10/312796/ Frame 2992 147 KB
147 KB 595ms
130ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-11-10/312796/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d433cb148eb4eef9efc4e68cf9a57bc9ab93b6a8b6834bbe1ad8a812c2570500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Thu, 10 Nov 2022 23:39:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAC374DC4A1776
Content-Type: .jpg
x-ms-request-id: 41427dde-601e-004e-5b17-736bba000000
x-ms-version: 2009-09-19
Content-Length: 150453

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-09-22/304346/ Frame 2992 177 KB
177 KB 596ms
129ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-09-22/304346/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88ad4d37f6492e16332932f9a6fb34b7f466b9766c5aa0fe6b5cd9b78968e466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:08 GMT
Last-Modified: Thu, 22 Sep 2022 21:31:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DA9CE1C244EC5F
Content-Type: .jpg
x-ms-request-id: 89dc2d67-701e-0042-2d17-73fcb2000000
x-ms-version: 2009-09-19
Content-Length: 181054

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320431/ Frame 2992 150 KB
150 KB 597ms
129ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320431/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3286819eba3fa0acba629da69c91bbf88e23fdd122066a89fa9effc2c10f2273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:08 GMT
Last-Modified: Tue, 27 Dec 2022 20:40:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAE84A980B23AF
Content-Type: .jpg
x-ms-request-id: b93076d3-c01e-0025-3a17-73ec4e000000
x-ms-version: 2009-09-19
Content-Length: 153381

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320432/ Frame 2992 170 KB
171 KB 601ms
131ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320432/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e835a77d111f81e55a5d5262856528c470f9547493726053f0c73871fe3c6e35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Tue, 27 Dec 2022 20:49:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAE84BDFA7B989
Content-Type: .jpg
x-ms-request-id: 3a6de8be-601e-0071-6117-73a319000000
x-ms-version: 2009-09-19
Content-Length: 174339

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320433/ Frame 2992 170 KB
170 KB 602ms
129ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320433/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c23424ac891c95e2607e6da526bc4910b9aa2b2532cb432733adb5372c8efb63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Tue, 27 Dec 2022 20:38:45 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAE84A59AE7660
Content-Type: .jpg
x-ms-request-id: c89002ff-e01e-006f-3217-734fc1000000
x-ms-version: 2009-09-19
Content-Length: 173664

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2023-03-27/334932/ Frame 2992 85 KB
86 KB 129ms
128ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2023-03-27/334932/thumbnail.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9e33938e78a752de61dc41342b8dded449abd1b89283c9e60b55d4e27bf26076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Mon, 27 Mar 2023 14:48:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB2ED246F9FA23
Content-Type: .jpg
x-ms-request-id: 41427ec1-601e-004e-2a17-736bba000000
x-ms-version: 2009-09-19
Content-Length: 87205

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 67ms
41ms Preflight 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.news-star.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Apr 2023 23:33:08 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 7
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 67ms
41ms Preflight 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.news-star.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Apr 2023 23:33:08 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 6
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 41ms
41ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: *
date: Wed, 19 Apr 2023 23:33:08 GMT
x-envoy-upstream-service-time: 7
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 41ms
40ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: *
date: Wed, 19 Apr 2023 23:33:08 GMT
x-envoy-upstream-service-time: 7
server: envoy
vary: Origin

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF0C 42 B
174 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSt_XLrD4KbS9PYN07ooNZZhhSQ_dxqMnrFQ3_c3wzeIPnwLJDaHCroHZXHNssAQ6ySelfT6p1HkKox2CjRZ_HT1s_HwW2V-34gui4lg1jBlVbE7P0&sig=Cg0ArKJSzGUa8RZwenuzEAE&id=lidar2&mcvt=1000&p=395,1157,645,1457&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1671383788&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681947187667&rpt=304&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2C1 42 B
108 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuydYHPD2i6aDftdAJsBTlPpEsKqOMEidwbBnnqShmsM5thQWtUDrqbmEJr_JMsOqMBrZFVFFzeFfjuqRaoqDyeZqO87TQnfSa8pNFNMGQ58IJiNPLB&sig=Cg0ArKJSzKXahZK8IMPPEAE&id=lidar2&mcvt=1002&p=275,436,365,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=107520601&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681947187734&rpt=227&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
273 B 311ms
311ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=HmbZuMMqgDZlFOkZSOJqSUiBZhYMXKeR-FE7fPshldVrrKDQa03zCEUzB-E0zJPcRkYlXjPw==&pm_ct=9422abf0c38ce1dcd8822846&pm_pl=1681947188517&pm_td=548&pid=1000177&en=1.1&callback=__pm_glbl_dwe9OCWOuDwDy80BMFLUzq9E._gc2&tt=opt&v=5b851bf
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.news-star.com
Date: Wed, 19 Apr 2023 23:33:09 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304170101&jk=2468884115224766&bg=!2tml2Y3NAAZA7GLoYOw7ADkAdvg8Ws0jn2ZxyGrxoZQSW51UWzcGMPsActYXq0eTu_QDy425DdRF0gTbuvZtHW1JKzL89NczSwICAAAAl1IAAAACaAEHmQLErOQ2N8GpD012v3jd3DM_h4hCmzoUuenaXqRZw_vITDG3TW3efrUgrDTcMwcyCSoS1rkcwzrxn3teAtVfqa5PPB5ecfZXW9tUJ06hme63NDZhrA5IElArwVoHyusgqEXnoi5FAk3anjqtQcyYT-9nfjudQbzzB_ClftfjhWN7AdvEe-S3lv5B6KST34fFV7lI-JpN9V7npM8wLbrvxQmUC84OB5hcH5yMkmT61UyKIEDOymvAd0PdcvI9EcvqOvYxMSzH9UhJpuB89K5l4KSSUdGLwPZmPMJlGML7OK4HDh9XAB5Y3zYrnvbJq1nKfjvzXCpPPzfRjljQNvRi8R5MqjXQd7C7HyfKsJQtYYsP9CSU03bZKLnsRD1r3x6fxS4MIUVjMQiT99HrcejyqrlHqg2c37OFb7KChhaaBPfAO5eXFjlKRpsJP_wCheMeI-PWPYj0HVa8UZPrfVkexUcrqAndtAnPnt0NyEGlwWfKp0z_crQFkhW0CD2_OPMfi3Ashk0hYvgodB-SFpBE3LLSvrduAabUvOzm953Sy0ABNDx9LoiSTJ1HUY6iTTFbLhu8aP7lYAyF8Pm4WXjv9iU5sz1woB1GuXNNLhSqByq0bAODzinq4DzLxc0LdD3FOcmJG45Fdd8EATecw9oWpRol2Y9Avq5HML2uVzoIwa-5eAmCXtC1enJpKTvGOfZy-AssDi5wkqB6-SSJFm_gQAzbULaWG61tGG6hoQAjHmOZhPemRZN7KBqcbsqhQKdpWRSlticbA90KPrLrO5nfquSe6x3WnvHIW0hSqZoFLGK0oa2_H6r-h1jFsSh8JbJawSDZYXFGRWLERChlKEx9Np6-00QjywgieNMp_hY8kGYpydlgMtKjgijCBv8OmJ-8GCaqmDijY3HjQn2_CcUepuxfrL6QYCU870DklQE3TgSaVUyC6v-K
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news-star.com%2F&domain=www.news-star.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.news-star.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 19 Apr 2023 23:33:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 252762
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
252 B 197ms
100ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Apr 2023 23:33:09 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.news-star.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
376 B 49ms
16ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news-star.com%2F&domain=www.news-star.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 243534
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ 216 B
627 B 97ms
18ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

1826f8bc556f194624de10594632b35f2298b415d9fb88e6ffb8a93412425f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news-star.com
date: Wed, 19 Apr 2023 23:33:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
319 B 98ms
30ms XHR
application/json 54.72.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.3.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-3-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.news-star.com
cache-control: no-cache
x-server: 10.45.9.65
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
392 B 113ms
36ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 79c13ed25a7b0cf178f41ce901f34d65f16245a18a3cc10b5fd08935e34da371

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Apr 2023 23:33:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news-star.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 19 May 2023 23:33:10 GMT

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-08-26/299752/ Frame 2992 160 KB
161 KB 130ms
130ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-08-26/299752/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 981cbb443b687a8a75cd46f5ba465b14f93288ede3ad28e40510397a69b00e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Fri, 26 Aug 2022 23:23:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DA87B9F0753798
Content-Type: .jpg
x-ms-request-id: 89dc2fa0-701e-0042-4a17-73fcb2000000
x-ms-version: 2009-09-19
Content-Length: 164026

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-11-10/312796/ Frame 2992 147 KB
147 KB 137ms
135ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-11-10/312796/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d433cb148eb4eef9efc4e68cf9a57bc9ab93b6a8b6834bbe1ad8a812c2570500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Thu, 10 Nov 2022 23:39:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAC374DC4A1776
Content-Type: .jpg
x-ms-request-id: b930789b-c01e-0025-5617-73ec4e000000
x-ms-version: 2009-09-19
Content-Length: 150453

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-09-22/304346/ Frame 2992 177 KB
177 KB 130ms
129ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-09-22/304346/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88ad4d37f6492e16332932f9a6fb34b7f466b9766c5aa0fe6b5cd9b78968e466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:10 GMT
Last-Modified: Thu, 22 Sep 2022 21:31:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DA9CE1C244EC5F
Content-Type: .jpg
x-ms-request-id: 41427fa6-601e-004e-7b17-736bba000000
x-ms-version: 2009-09-19
Content-Length: 181054

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320431/ Frame 2992 150 KB
150 KB 1336ms
1335ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320431/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3286819eba3fa0acba629da69c91bbf88e23fdd122066a89fa9effc2c10f2273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:10 GMT
Last-Modified: Tue, 27 Dec 2022 20:40:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAE84A980B23AF
Content-Type: .jpg
x-ms-request-id: c89004c2-e01e-006f-6117-734fc1000000
x-ms-version: 2009-09-19
Content-Length: 153381

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320432/ Frame 2992 170 KB
171 KB 956ms
954ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320432/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e835a77d111f81e55a5d5262856528c470f9547493726053f0c73871fe3c6e35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:10 GMT
Last-Modified: Tue, 27 Dec 2022 20:49:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAE84BDFA7B989
Content-Type: .jpg
x-ms-request-id: 3a6dea79-601e-0071-7f17-73a319000000
x-ms-version: 2009-09-19
Content-Length: 174339

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320433/ Frame 2992 170 KB
170 KB 135ms
134ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2022-12-27/320433/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c23424ac891c95e2607e6da526bc4910b9aa2b2532cb432733adb5372c8efb63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:09 GMT
Last-Modified: Tue, 27 Dec 2022 20:38:45 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DAE84A59AE7660
Content-Type: .jpg
x-ms-request-id: 290171b4-a01e-0051-2717-73d8be000000
x-ms-version: 2009-09-19
Content-Length: 173664

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2023-03-27/334932/ Frame 2992 85 KB
86 KB 607ms
475ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Jobs/675/2023-03-27/334932/thumbnail.jpg
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9e33938e78a752de61dc41342b8dded449abd1b89283c9e60b55d4e27bf26076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 19 Apr 2023 23:33:10 GMT
Last-Modified: Mon, 27 Mar 2023 14:48:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB2ED246F9FA23
Content-Type: .jpg
x-ms-request-id: 41428050-601e-004e-1717-736bba000000
x-ms-version: 2009-09-19
Content-Length: 87205

GET
H/1.1 200
OK controls.png
publisher.etype.services/assets/global/plugin/bxslider/images/ Frame 2992 3 KB
3 KB 830ms
829ms Image
image/png 20.40.202.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publisher.etype.services/assets/global/plugin/bxslider/images/controls.png
Requested by: Host: publisher.etype.services
URL: https://publisher.etype.services/assets/global/plugin/bxslider/css/jquery.bxslider.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.28 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://publisher.etype.services/assets/global/plugin/bxslider/css/jquery.bxslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 23:33:10 GMT
Last-Modified: Fri, 13 Jan 2023 07:43:57 GMT
Server: Microsoft-IIS/10.0
ETag: "49e6ddca2227d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 2806

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 46 KB
17 KB 347ms
20ms Script
text/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: bdc8bbcee8aa8d0e278356b12835283889e961e6d1c044bf2f1e2acd87046332

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: cqWHA-6CLM5OJiP5NG45Nh9-wJ9iIahV3-OW4s_GI4qz-z9KfUIsQw==

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 142 KB
32 KB 530ms
204ms Script
text/javascript 2606:4700:4400::ac40:99f6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV4F27B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b795217fa0b8bc28fac5f730b95b12d32163719b677218a42fcbf255df7b64b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Apr 2023 21:32:10 GMT
server: cloudflare
x-amz-request-id: T16D3GZ7KDZRJPE8
etag: W/"bc8278a039be0595b316c78a1b8b69de"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7ba8f38408622c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ImDxUbayqt98jOTo6mzYxE1XOtLnxME8F71GL3qYO2PPIX+nIevU24Qn5nsIVsBNt9dXuj09kvs=

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame F2C6 5 KB
2 KB 21ms
21ms Script
text/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b29ff7bf8060330b652f7427194b93593e9f54cc8021130a0f6ddd337a01a57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: y3XWnq44t9HMs_E5nxTvvA-BiTGPn3YTFcBLstqnV8TT2Yqx-1sy2A==

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame F2C6 19 KB
8 KB 19ms
18ms Script
application/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: jw1wlB5i1UtV53MrsbAgRz48Gd8f3e4kTp6vmP93JefuDKg4SgWdUQ==
expires: Thu, 18 Apr 2024 23:33:12 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame F2C6 9 KB
4 KB 40ms
39ms Script
application/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6024fccc-228f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ibPb7aOjeMOh-ZTowy-CMbXK5Y5g1F55T4Sofdfyj8wrr6OlhDLsrA==
expires: Thu, 18 Apr 2024 23:33:12 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame F2C6 8 KB
3 KB 38ms
37ms Script
application/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6024fccc-1ef8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 1rNYU_2sQX0DESvzb3Pl5CMJ9X_A34r60JFHw432kR5QHCN_OgM_WQ==
expires: Thu, 18 Apr 2024 23:33:12 GMT

GET
H2 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame F2C6 258 KB
115 KB 19ms
19ms Script
application/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 12:48:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"623b1724-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: DxCoAaGZTQEDOHBzW4W82IWFifIy21VfzbME5YeGQKiEoJP54mKo7Q==
expires: Thu, 18 Apr 2024 23:33:12 GMT

GET
H2 200 prebidVid.7.16.0_8.min.js Show response
live.primis.tech/content/prebid/ Frame F2C6 514 KB
258 KB 20ms
19ms Script
application/javascript 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_8.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9ac5a7ed180980e32f7784d9aca819bc93d7906f2d17f24070433983b5f4728d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 15:23:59 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6413348f-809c9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: MiRL1St5DHD0scA0Rk6hrd750A_5pEXrYE2Ay3dlji_LdQdgqaHtiw==
expires: Thu, 18 Apr 2024 23:33:13 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame F2C6 553 KB
216 KB 36ms
36ms Script
text/html 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114535&cbuster=1681947192634&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00084,1&cbuster=1681947192&pubUrlAuto=https%3A%2F%2Fwww.news-star.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3b3899ea841a84cde911289630296902bde119aa0e3f3b91b5e7e732ed76cca2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
x-amz-cf-id: bxBTXnwc7PBjRjVL5z8Wf-i99jaBy5yNP53kb0l60Ymng5f42JWciw==

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
7 KB 18ms
18ms Stylesheet
text/css 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4081306e365ebaa5a82ac37991f041a39b5e20cbd5722b4b7e055a330ad33e02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 10:52:25 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"643d24e9-4688"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: ZUsgFAajXJ83QceA2SiqSWpfYovqudVIq8X9Wn8ZUQZ1RfWVqqu2GQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame F2C6 226 KB
56 KB 82ms
9ms Script
application/javascript 13.224.192.181

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 22:49:46 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 20:25:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2608
x-amz-server-side-encryption: AES256
etag: W/"d0373f28cbce103f094bc2631a9c8dd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 18575bpaPdlZSGhS7sJr2qmLa_Qb3bqxYg8Tc-cfD7RCkH9h9HR_pg==

GET
H3 200 css
fonts.googleapis.com/ 1 KB
422 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00573904e0947050a672688a2de7001e7919dee72aeaca2ca76a019769bf779a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 21:41:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 23:33:13 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame F2C6 54 KB
7 KB 47ms
46ms XHR
application/json 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM5OGIjYmY1ZWE1ODEjOTx3OTU3OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx9UnGyNR00lTyqWnE5UZ3uNRGf1TaceMU56n3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzq4T0RVrE5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9ESXqORGN5TzcBS2ZRLz5BLWy1ZUyDOERapyViSHceVz9ISXBUTF9xnVqYTzkzryyDQxuJTyqDWzpzqzyxX2NioaRyoaRsnWQ9Mwp3NDplMlZ2nWRsY29hqGVhqF9xZXNwPUVaZ25iZlgGpzVhY2teVG9up3QzqzyxX2NioaRyoaRsqGy0oGU9RWqaoz9aK0ZlZW5wnCgUo2FmqCZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM0MxQmMwMjNUYmMDMlN0Q3QwpmMmEmNmMlMmUmNwM5MmImNmqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQmNTZDNwQmMmRENmQ2MmMmNTI2ODYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTAhMTImNSZaZW9Mo25aPTthNwY0OCZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDMjJTNBYTAjNCUmQTEyM0EyM0EkMvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTElLwAhNTYkNS4kMwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDt0JTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ0MDquMmxjMwU0NlZwYaVmqGVlPTE2ODE5NDpkOTMkNDYzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 80c5630bd998428bbd2d4fe7f03d70379900fa22a0208cd0d5d279b3373d1f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.news-star.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 7192
x-amz-cf-id: j6rkx8sbl9iv7G86nJmpV3O8aln50YMlj0eBwyXy5CrG0TpiKSHWuw==

GET
H2 200 liveView.php
live.primis.tech/live/ 0
421 B 21ms
20ms Image
text/html 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY4MTx0NmE5MlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE0NTM1JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5hZXqmLXN0YXIhY29gJaN1YxyxPXq3ql5hZXqmLXN0YXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNDJEMmImMDVGMmAmMwqEN0I3MmMkMmpmMwM1MmYmOTMlMmp3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZEMmU2QmY0MmM0RDp0NwMmMmUlNwt2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MzEjMCUmQWM5OCUmQTIjMmAyM0FuMDA0JTNBMSUmQSUmQTElJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkMv4jLwU2MTUhMTIkJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NDQjN2EmOTAlNTQ3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2ODE5NDpkOTMkMmYzqWyxPVNyn2yhZG9TUGkurWVlNwQ0MDquMmxjOTQ2NlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: Jyf0QmZdHJ3swE6ckPytDEVc9ufM1CqzFeY-jDeXnW3dPMJyxLoIig==

GET
H2 200 vid6398b0c65ea58109979579.jpg
video.primis.tech/uploads/cn19/video/users/converted/22235/video_5df2c67d5a683172725343/ 18 KB
18 KB 70ms
11ms Image
image/jpeg 2600:9000:236e:3e00:1:6448:6d00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn19/video/users/converted/22235/video_5df2c67d5a683172725343/vid6398b0c65ea58109979579.jpg?cbuster=1670951117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9dff86236cf2576cf2a6087ddf3031e7f90c9d486434cf8771c7c587cfc7a43f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:16:06 GMT
via: 1.1 216f781ed7a0653429ac7a72888ca4c4.cloudfront.net (CloudFront), 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO5-C1, FRA60-P1
age: 58626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17935
last-modified: Tue, 13 Dec 2022 17:06:38 GMT
server: nginx
etag: "ced65071a09b4ec24bde7e7369f0380b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: uXNaEnsvM8_uAKi6rIVpgJCBS6Tz0F7uY4aVaXpe1eg6NWY9-EWwBg==
expires: Thu, 20 Apr 2023 07:16:06 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame F2C6 76 KB
8 KB 53ms
53ms XHR
application/json 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM5OGIjYmY1ZWE1ODEjOTx3OTU3OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx9UnGyNR00lTyqWnE5UZ3uNRGf1TaceMU56n3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzq4T0RVrE5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9ESXqORGN5TzcBS2ZRLz5BLWy1ZUyDOERapyViSHceVz9ISXBUTF9xnVqYTzkzryyDQxuJTyqDWzpzqzyxX2NioaRyoaRsnWQ9Mwp3NDplMlZ2nWRsY29hqGVhqF9xZXNwPUVaZ25iZlgGpzVhY2teVG9up3QzqzyxX2NioaRyoaRsqGy0oGU9RWqaoz9aK0ZlZW5wnCgUo2FmqCZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTM0MlZ5PTE5MlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM0MxQmMwMjNUYmMDMlN0Q3QwpmMmEmNmMlMmUmNwM5MmImNmqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQmNTZDNwQmMmRENmQ2MmMmNTI2ODYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTAhMTImNSZaZW9Mo25aPTthNwY0OCZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDMjJTNBYTAjNCUmQTEyM0EyM0EkMvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTElLwAhNTYkNS4kMwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDt0JTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ0MDquMmxjMwU0NlZwYaVmqGVlPTE2ODE5NDpkOTMkNwpzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: fcb936c1a106e65cc9e27d69e59da286dc6a7bdaeba7ce603177f509d1fc4639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.news-star.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 8075
x-amz-cf-id: O3Qx0-4GJQz69VeSfPi1bbVrvMD1olQSd8aX_SDKwyQAApi0sj_SYQ==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame F2C6 37 KB
7 KB 46ms
45ms XHR
application/json 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM5OGIjYmY1ZWE1ODEjOTx3OTU3OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx9UnGyNR00lTyqWnE5UZ3uNRGf1TaceMU56n3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzq4T0RVrE5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9ESXqORGN5TzcBS2ZRLz5BLWy1ZUyDOERapyViSHceVz9ISXBUTF9xnVqYTzkzryyDQxuJTyqDWzpzqzyxX2NioaRyoaRsnWQ9Mwp3NDplMlZ2nWRsY29hqGVhqF9xZXNwPUVaZ25iZlgGpzVhY2teVG9up3QzqzyxX2NioaRyoaRsqGy0oGU9RWqaoz9aK0ZlZW5wnCgUo2FmqCZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTM0MlZ5PTE5MlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM0MxQmMwMjNUYmMDMlN0Q3QwpmMmEmNmMlMmUmNwM5MmImNmqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQmNTZDNwQmMmRENmQ2MmMmNTI2ODYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTAhMTImNSZaZW9Mo25aPTthNwY0OCZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDMjJTNBYTAjNCUmQTEyM0EyM0EkMvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTElLwAhNTYkNS4kMwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDt0JTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ0MDquMmxjMwU0NlZwYaVmqGVlPTE2ODE5NDpkOTMkNwtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4cbe7bb9745de687f607acc1ead1b089df44b5cce93a66242963b53805b9e972

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.news-star.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 6891
x-amz-cf-id: bWyrzj47AeVMCqXegtEZ-L2_-XeRmu0_clNv9G2mMSXU1HUm1i40gw==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame F2C6 21 KB
6 KB 47ms
46ms XHR
application/json 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM5OGIjYmY1ZWE1ODEjOTx3OTU3OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx9UnGyNR00lTyqWnE5UZ3uNRGf1TaceMU56n3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzq4T0RVrE5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9ESXqORGN5TzcBS2ZRLz5BLWy1ZUyDOERapyViSHceVz9ISXBUTF9xnVqYTzkzryyDQxuJTyqDWzpzqzyxX2NioaRyoaRsnWQ9Mwp3NDplMlZ2nWRsY29hqGVhqF9xZXNwPUVaZ25iZlgGpzVhY2teVG9up3QzqzyxX2NioaRyoaRsqGy0oGU9RWqaoz9aK0ZlZW5wnCgUo2FmqCZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTM0MlZ5PTE5MlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM0MxQmMwMjNUYmMDMlN0Q3QwpmMmEmNmMlMmUmNwM5MmImNmqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQmNTZDNwQmMmRENmQ2MmMmNTI2ODYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTAhMTImNSZaZW9Mo25aPTthNwY0OCZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDMjJTNBYTAjNCUmQTEyM0EyM0EkMvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTElLwAhNTYkNS4kMwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDt0JTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ0MDquMmxjMwU0NlZwYaVmqGVlPTE2ODE5NDpkOTMkNwtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a4f4341c04d4c1e2403520f89ab9c545073062f1f958e7f2bcbe1b6d531766ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.news-star.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 5545
x-amz-cf-id: aEG4gCPI3WxIUGFx4DLiYgkQ1meWq00ykMlrkLIeF4FdyNflyPjdfw==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame F2C6 78 KB
9 KB 54ms
54ms XHR
application/json 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM5OGIjYmY1ZWE1ODEjOTx3OTU3OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx9UnGyNR00lTyqWnE5UZ3uNRGf1TaceMU56n3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzq4T0RVrE5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9ESXqORGN5TzcBS2ZRLz5BLWy1ZUyDOERapyViSHceVz9ISXBUTF9xnVqYTzkzryyDQxuJTyqDWzpzqzyxX2NioaRyoaRsnWQ9Mwp3NDplMlZ2nWRsY29hqGVhqF9xZXNwPUVaZ25iZlgGpzVhY2teVG9up3QzqzyxX2NioaRyoaRsqGy0oGU9RWqaoz9aK0ZlZW5wnCgUo2FmqCZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTM0MlZ5PTE5MlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM0MxQmMwMjNUYmMDMlN0Q3QwpmMmEmNmMlMmUmNwM5MmImNmqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQmNTZDNwQmMmRENmQ2MmMmNTI2ODYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTAhMTImNSZaZW9Mo25aPTthNwY0OCZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDMjJTNBYTAjNCUmQTEyM0EyM0EkMvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTElLwAhNTYkNS4kMwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlQmAjMDt0JTJDMSZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ0MDquMmxjMwU0NlZwYaVmqGVlPTE2ODE5NDpkOTMkNwtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30342D32305F30327D7B7331373235363932377D7B4335377D7B53643364334C6D356C64334D74633352686369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A12&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00084%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1681947193&csuuid=64407a3902547&debugInfo=17256927_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256927&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.news-star.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1235&geoLong=8.6648&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.news-star.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a748372cf228deacc6dd8ffebd2738049532244bebe54d2a857105d68f56bb65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.news-star.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 9019
x-amz-cf-id: tS1l0XxrhMIxGKmBcID091VutOHgaHRoRnO8pNPkuldJkNC5fvbmQw==

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202304111045/ 239 KB
74 KB 18ms
17ms Script
application/javascript 2606:4700:4400::ac40:99f6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202304111045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2023 14:47:39 GMT
server: cloudflare
x-amz-request-id: X5WVS5ASANG0VPZX
age: 714618
etag: W/"7371672e2ad6b3b9469c4dc5cc2f6c08"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7ba8f38589752c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: aoDQGOLMQY9+GaPfbdOkJraXGql7xl62EXnSV/RNuezH2t/ySZ+UDzOFK3NoG6yb/78TcuiE//Y=

GET
H2 200 diberp-tcx-v7.13.0.js Show response
www.americanhometownmedia.com/static/ 328 KB
103 KB 82ms
15ms Script
text/javascript 34.120.58.62

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by: Host: www.news-star.com
URL: https://www.news-star.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.62 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:30:59 GMT
content-encoding: gzip
age: 190934
x-guploader-uploadid: ADPycdvFj8y1Qxtz0rgzWyAx8rnpzS9tYHqIg2A8J0Cm-4Humyb6Q65dQVcWzxGL12GAdtbf76P0Lva1NS6j3zh21yFPmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104504
last-modified: Mon, 29 Aug 2022 14:20:21 GMT
server: UploadServer
etag: "f085c7609fb7c47fb72fd768d721373e"
vary: Accept-Encoding,Origin
x-goog-generation: 1661782821233427
x-goog-hash: crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 104504
accept-ranges: bytes
expires: Tue, 16 Apr 2024 18:30:59 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.news-star.com
URL: https://www.news-star.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518db1e1833f09a135991b298388dfc9316d191df321185fcd2c9e96f2b776c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25089
x-xss-protection: 0
server: cafe
etag: 609 / 19466 / 31074033 / config-hash: 11973378874502222792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:33:13 GMT

GET
H2 200 liveInternalSsp.php Show response
live.primis.tech/live/ Frame F2C6 25 B
492 B 355ms
355ms XHR
text/html 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0EmNDMyMxMyMwJbZWyanHQyMwIyM0EkOTMyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMlUlQlUlMzyjJTIlJTNBJTIlMzEjMCUmQWM5OCUmQTIjMmAyM0FuMDA0JTNBMSUmQSUmQTElJTIlJTJDJTIlZ2ViSWQyMwIyM0E1NlUlQlUlMzFfpGuuMxqyolUlMvUmQSUlMxRFJTIlJTJDJTIlZGV2nWNyqHyjZSUlMvUmQTIyMxMyMwJ0rHREZXZcY2V0rXByJTIlJTNBJTIlZGVmn3RipCUlMvUlQlUlMzJlo3qmZXIyMwIyM0EyMwJwnHJioWUyMwIyMxMyMwJiplUlMvUmQSUlMyqcozRiq3MyMwIyMxMyMwJ0rHRPplUlMvUmQSUlMaqcozRiq3MyMwIyMxMyMwJxZXZcY2VNo2RyoCUlMvUmQSUlMvUlMvUlQlUlMz9mVzVlp2yiovUlMvUmQSUlMwEjLwAyMwIyMxMyMwJxZXZcY2VNYW51ZzFwqHVlZXIyMwIyM0EyMwIyMwIyMxMyMwJxZXZcY2VDo2RyTzFgZSUlMvUmQSUlMvUlMvUlQlUlMaVmZXJBZ2VhqCUlMvUmQSUlMx1irzyfoGEyMxY1LwAyMwAbV2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0KSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjKEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giKSUlMENbpz9gZSUlRwEkMv4jLwU2MTUhMTIkJTIjU2FzYXJcJTJGNTM3LwM2JTIlJTJDJTIloGF0JTIlJTNBJTIlNTAhMTImNSUlMvUlQlUlMzkiovUlMvUmQSUlMwthNwY0OCUlMvUlQlUlMzFjpE5uoWUyMwIyM0EyMwIyMwIyMxMyMwJupHBJZCUlMvUmQSUlMvUlMvUlQlUlMzymQXBjJTIlJTNBMCUlQlUlMzFjpEJ1ozRfZUyxJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvUlMvUlQlUlMzFjpFN0o3JyVXJfJTIlJTNBJTIlJTIlJTJDJTIlYXBjUHJcqzFwrVBioGywrSUlMvUmQSUlMvUlMvUlQlUlMzFjpEymUGFcZCUlMvUmQSUlMvUlMvUlQlUlMzFjpERyqzVfo3BypvUlMvUmQSUlMvUlMvUlQlUlMzyzYSUlMvUmQSUlMvUlMvUlQlUlMzyzqvUlMvUmQSUlMvUlMvUlQlUlMzF0qHMyMwIyM0EjJTJDJTIlYXBjVzVlp2yiovUlMvUmQSUlMvUlMvUlQlUlMaJyZzVlpzVlJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvUlMvUlQlUlMaBuZ2UyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql5hZXqmLXN0YXIhY29gJTJGJTIlJTJDJTIlZ2RjpvUlMvUmQTEyMxMyMwJaZHBlQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzymV2VQYXNmR2RjpvUlMvUmQSUlMwAyMwIyMxMyMwJwY3BuJTIlJTNBMCUlQlUlMzNwpGFDo25mZW50JTIlJTNBJTIlJTIlJTJDJTIlZG9gYWyhJTIlJTNBJTIlq3q3Lz5yq3Mgp3Rupv5wo20yMwIyMxMyMwJ3ZWJmnXRyJTIlJTNBJTIlq3q3LaNyn2yhZG8hY29gJTIlJTJDJTIlp2VwqXJyJTIlJTNBMSUlQlUlMzqyo1NiqXJwZSUlMvUmQSUlMxyQJTIlJTJDJTIlY29jpGEyMwIyM0EjJTJDJTIlqXVcZCUlMvUmQSUlMwY0NDA3YTM5MDI1NDpyMwIyMxMyMwJvoG9wn0JlYW5xplUlMvUmQSU1QvU1RCUlQlUlMzV4qFVmZXJJZHMyMwIyM0EyNUIyN0IyMwJmo3VlY2UyMwIyM0EyMwJcZDUgp3yhYl5wo20yMwIyMxMyMwJ1nWRmJTIlJTNBJTVCJTqCJTIlnWQyMwIyM0EyMwIjJTIlJTJDJTIlYXR5pGUyMwIyM0EkJTJDJTIlZXu0JTIlJTNBJTqCJTIloGyhn1R5pGUyMwIyM0EjJTqEJTqEJTVEJTqEJTJDJTqCJTIlp291pzNyJTIlJTNBJTIlpHVvY2yxLz9lZlUlMvUlQlUlMaVcZHMyMwIyM0EyNUIyN0IyMwJcZCUlMvUmQSUlMzZzZWNyNwp2LTI3NWUgNDM0NS1vNTpjLTI0NTI5NTVvYmBxNvUlMvUlQlUlMzF0rXByJTIlJTNBMSU3RCU1RCU3RCU1RCUlQlUlMz1lYWyxQWkfo3qyZCUlMvUmQTAyMxMyMwJxZWJ1Z0yhZz9loWF0nW9hJTIlJTNBJTIlJTIlJTJDJTIlp2y0ZUyxJTIlJTNBMTE0NTM1JTJDJTIlpHVvoGymnGVlSWQyMwIyM0ElMwImNSUlQlUlMaNwnGFcovUlMvUmQSU3QvUlMaZypvUlMvUmQSUlMwEhMCUlMvUlQlUlMzNioXBfZXRyJTIlJTNBMSUlQlUlMz5iZGVmJTIlJTNBJTVCJTqCJTIlYXNcJTIlJTNBJTIlYW1ypzywYW5bo21yqG93oz1yZGyuLzNioSUlMvUlQlUlMaNcZCUlMvUmQSUlMwAjMDt0JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTJDJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwIlMwImNSUlMvUlQlUlMzujJTIlJTNBMSU3RCU1RCU3RCUlQlUlMaJyZ2yiovUlMvUmQSUlMxZSJTIlJTJDJTIlY2FgpGFcZ25mJTIlJTNBJTqCJTIlODM0NTUyMwIyM0EyN0IyMwJ0pzFwn2VlJTIlJTNBJTIlY2FgpGFcZ25GpzVkQ2FjJTNEMCUlNTJGMCUlNzNuoXBunWqhSWQyM0Q4MmQ1NSUlNaNjYWNyMxFxSWQyM0QkNmI1NmAmNCUlMvUlQlUlMaBlZWJcZE5mp3BJozRyrCUlMvUmQTAyMxMyMwJmpGFwZTJBZEyxJTIlJTNBJTIlMTplNTpjMmQyMwIyMxMyMwJxZWFfJTIlJTNBJTqCJTIlnXNSqGJEZWFfJTIlJTNBMCUlQlUlMaJ0YxRyYWkJZCUlMvUmQSUlMvUlMvUlQlUlMaJ0YyNyYXRJZCUlMvUmQSUlMvUlMvU3RCUlQlUlMaJ0YyqTZWF0JTIlJTNBJTIlJTIlJTJDJTIlY2FgpGFcZ25JZCUlMvUmQTtmNDU1JTJDJTIlY2FgpGFcZ25TY29jZSUlMvUmQSUlMaB1YzkcYlUlMvUlQlUlMzyhqGVlozFfQaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJynWROYW1yJTIlJTNBJTIlrWFbo28hY29gJTIlJTJDJTIlYWRVp2VlSWQyMwIyM0EmMTAmMSUlQlUlMzJwYXQyMwIyM0EyMwIyMwIyMxMyMwJvYXNyRzkio3IyMwIyM0EjLwt0JTJDJTIlZXu0JTIlJTNBJTqCJTIlpGFlqG5ypvUlMvUmQSUlMwElOCUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvUlQlUlMaBfYWNyoWVhqEyxJTIlJTNBJTIlOGE5Nwx1ODIjMTqzN2ZxYzU2YWRxYmJvNwVwYTAjMTAyMwIyMxMyMwJupHBJZCUlMvUmQSUlMwuuOTY5MDUmMDE3ZwqzZGJyMGU1ZGMlYWZxZWQjMDBxJTIlJTJDJTIlpHVvSWQyMwIyM0EyMwJQpzygnXNUq29IQvUlMvU3RCUlQlUlMzJ1rWVlVWyxJTIlJTNBJTIlJTIlJTJDJTIlpzVzZXJyozNySWQyMwIyM0EkJTJDJTIlYzyxZzkio3IyMwIyM0EyMwIjLwt0JTIlJTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTIlJTJDJTIlp2yxJTIlJTNBJTIlMDAjODQyMwIyMxMyMwJbpCUlMvUmQTEyN0QyMxMyN0IyMwJup2xyMwIyM0EyMwJjpzygnXMhqGVwnCUlMvUlQlUlMaNcZCUlMvUmQSUlMwIlMwM1JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTVEJTqEJTqEJTqEJTJDJTIlpGkuY2VgZW50Q2F0JTIlJTNBJTVCJTIlSUFCMTEyMwIyNUQyMxMyMwJjoGF5YzFwn21yqGuiZCUlMvUmQSU1QwYyNUQyMxMyMwJhYXZcZ2F0o3JMYW5aqWFaZSUlMvUmQSUlMzVhJTIlJTJDJTIlpGFaZWNuqCUlMvUmQSU1QvUlMxyBQwEkJTIlJTVEJTJDJTIlY29hqGVhqGNuqCUlMvUmQSU1QvUlMxyBQwtyMwIyNUQyN0Q%3D%5C%22%22%7D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_8.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:12 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.news-star.com
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: NIiPqDUUx5So89w3NszqlLopEU4437cgG9nhUvRQXu2mTKMGQsfrFw==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F2C6 0
118 B 130ms
78ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_8.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.news-star.com
date: Wed, 19 Apr 2023 23:33:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 liveView.php
live.primis.tech/live/ 43 B
473 B 21ms
21ms Image
image/gif 2600:9000:2251:1800:1a:5235:f980:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwtkOTQ3MTxmJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNTpjMmQzrD0mNDMzrT0kOTMzoXN0YT0kNmI1NwxlNlZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXq3ql5hZXqmLXN0YXIhY29gJaN1YxyxPXq3ql5hZXqmLXN0YXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwAmMCUmQWEjMDQyM0EkJTNBJTNBMTIzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTElLwAhNTYkNS4kMwEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY0NDA3YTM5MDI1NDpzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZjoGFwZW1yoaRTqHJyYW1UrXByPTMzp3NjX2y1pm0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2ODE5NDpkOTMlMmYzqWyxPVNyn2yhZG9TUGkurWVlNwQ0MDquMmxjOTQ2NlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozV3pl1mqGFlLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:1a:5235:f980:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:13 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
x-amz-cf-id: -kxNvZSEuewS4MB1o4WR9IPmDFJWerGktSY2VtncrrwAlUI6H47zhA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F2C6 6 KB
3 KB 30ms
12ms XHR
application/javascript 13.224.192.181

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date: Wed, 19 Apr 2023 23:33:13 GMT
x-amz-cf-pop: FRA2-C1
age: 23489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: MLfyg8L_w_j-tBxfWAmFTFpjIyA3sb9LBPUQMg67p0AeatPHC3llxQ==

GET
H2 200 vid6398b0c65ea58109979579.jpg
video.primis.tech/uploads/cn19/video/users/converted/22235/video_5df2c67d5a683172725343/ 18 KB
18 KB 10ms
10ms Image
image/jpeg 2600:9000:236e:3e00:1:6448:6d00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn19/video/users/converted/22235/video_5df2c67d5a683172725343/vid6398b0c65ea58109979579.jpg?cbuster=1670951117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9dff86236cf2576cf2a6087ddf3031e7f90c9d486434cf8771c7c587cfc7a43f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news-star.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:16:06 GMT
via: 1.1 216f781ed7a0653429ac7a72888ca4c4.cloudfront.net (CloudFront), 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO5-C1, FRA60-P1
age: 58626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17935
last-modified: Tue, 13 Dec 2022 17:06:38 GMT
server: nginx
etag: "ced65071a09b4ec24bde7e7369f0380b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Civa3LyQoUkazypjbxHqyIv7X9EYO34CziHAJvVouSsm9pWVFh7fFA==
expires: Thu, 20 Apr 2023 07:16:06 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 23 B
527 B 83ms
26ms XHR
application/json 216.52.2.16

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d65444050dd5572df82f27fca3c960e883d333c4f7d84552b007756d1728610c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 19 Apr 2023 23:33:13 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.news-star.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

GET
H2 200 arj Show response
justapinch-com-d.openx.net/w/1.0/ 174 B
594 B 136ms
88ms XHR
application/json 34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.news-star.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=290b04fc-087a-4fb4-b17e-1a07c4653ffe%2C8c564bd3-7072-43c4-b356-dcaf861fa240&nocache=1681947193343&gdpr_consent=&gdpr=0&schain=1.0%2C1!americanhometownmedia.com%2C00084%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_7%2Cahm_widg_id_13&aucs=%2C&auid=558229079%2C558229079
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: b4d43cf1399dfbde3268e511b164fc08fe5205566e15803cfcdf1c357bd0e71c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 23:33:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.news-star.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.legacy.com
URL: https://www.legacy.com/api/v1/affiliates/recentobituaries/4506?num=4&photoFirst=False&obittype=1&random=False&callback=legacy.recentObituaries.renderTemplate

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.news-star.com/	1969-12-31 23:59:59	Name: pmpro_visit Value: 1
.news-star.com/	1970-01-20 11:13:53	Name: _gid Value: GA1.2.1728648.1681947187
.news-star.com/	1970-01-20 11:12:27	Name: _gat Value: 1
www.news-star.com/	1970-01-20 20:48:27	Name: adatb_user Value: {%22options%22:{%22contrast%22:{%22label%22:%22Default%22%2C%22class%22:%22ll-at-contrast-default%22}%2C%22fontSize%22:{%22label%22:%22Default%22%2C%22class%22:%22ll-at-fontsize-default%22}%2C%22fontFamily%22:{%22label%22:%22Default%22%2C%22class%22:%22ll-at-fontfamily-default%22}%2C%22clickTTS%22:{%22enabled%22:false}}%2C%22uid%22:%22379i9mdne2im507i1kdfs%22}
.publisher.etype.services/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: fa95d55a2ae1564c6e6a97fe8e069a1d7fba7f15f6c59f1b8ad445637c002055
.news-star.com/	1970-01-20 20:48:27	Name: _ga_JZJBN7C7C5 Value: GS1.1.1681947187.1.0.1681947187.0.0.0
.news-star.com/	1970-01-20 20:48:27	Name: _ga Value: GA1.1.1426471298.1681947187
.doubleclick.net/	1970-01-20 20:34:03	Name: IDE Value: AHWqTUn_2DSyoS7y727Ws25Kr6EIc6qF3sYCwucWpsR3mtW115HXuBtUPAAwk0eOks4
.news-star.com/	1970-01-20 20:34:03	Name: __gads Value: ID=36a441adb679e477:T=1681947187:S=ALNI_MYeDExUEp7slK3MdQj_3pSfcdraOw
.news-star.com/	1970-01-20 20:34:03	Name: __gpi Value: UID=00000bd8456e5cdd:T=1681947187:RT=1681947187:S=ALNI_MYjSSbW84Aufj_miB7mMJ5ii2TeGQ
www.news-star.com/	1970-01-20 11:55:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.news-star.com/	1970-01-20 15:31:39	Name: _pubcid Value: 82d3760e-e910-49d8-a723-11a41cfa6bb6
js.ad-score.com/	1970-01-20 20:48:27	Name: token Value: ekPkQksRKMyEt-rjl0-uHQBnPdBNmany
www.news-star.com/	1970-01-20 11:13:53	Name: pmtimesig Value: [[1681947188536,0]]
data.ad-score.com/	1970-01-20 20:48:27	Name: token Value: KDjPEiVRwTWzU-g91m-UVvbBUnfvsvJB
www.news-star.com/	1970-01-20 11:12:30	Name: _lr_retry_request Value: true
www.news-star.com/	1970-01-20 11:55:39	Name: _lr_env_src_ats Value: false
www.news-star.com/	1970-01-20 12:38:51	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-19T23%3A33%3A10%22%7D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.legacy.com/api/v1/affiliates/recentobituaries/4506?num=4&photoFirst=False&obittype=1&random=False&callback=legacy.recentObituaries.renderTemplate Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://web1.etypeservices.com/wp-content/uploads/2021/11/ADA-Compliant-Logo.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Refused to create a worker from 'blob:https://www.news-star.com/75e94ec8-466f-4631-b7a5-9b180bad6ad2' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' https:". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
javascript	error	URL: https://www.news-star.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.news-star.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' https: blob:; frame-src 'self' 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

717e97e007385bbc99c6c3935e9d7760.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.cherryroad.com
ap.lijit.com
api.rlcdn.com
assets.revcontent.com
c.amazon-adsystem.com
cdn.confiant-integrations.net
cdn.revcontent.com
data.ad-score.com
etypeproductionstorage1.blob.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hbopenbid.pubmatic.com
id.crwdcntrl.net
id5-sync.com
images.revcontent.com
img.revcontent.com
japfg-trending-content.appspot.com
japfg-trending-content.uc.r.appspot.com
js.ad-score.com
justapinch-com-d.openx.net
lexicon.33across.com
lh3.googleusercontent.com
live.primis.tech
match.adsrvr.org
news-star.com
pagead2.googlesyndication.com
publisher.etype.services
region1.google-analytics.com
securepubads.g.doubleclick.net
static.addtoany.com
tpc.googlesyndication.com
trends.revcontent.com
video.primis.tech
web1.etypeservices.com
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
www.legacy.com
www.news-star.com
yeet.revcontent.com
api.rlcdn.com
www.legacy.com
104.17.189.220
13.224.192.181
130.211.10.17
130.211.115.4
15.197.193.217
151.139.128.10
162.19.138.116
185.64.189.112
2.19.228.187
20.150.38.36
20.40.202.28
2001:4860:4802:34::36
207.228.225.157
216.52.2.16
2600:1901:0:8344::
2600:9000:20eb:4e00:a:deb0:3380:93a1
2600:9000:2251:1800:1a:5235:f980:93a1
2600:9000:236e:3e00:1:6448:6d00:93a1
2606:4700:10::6816:46c5
2606:4700:4400::ac40:99f6
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2014
2a00:1450:4001:829::2002
2a00:1450:4001:829::2014
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a02:2638:d::d
34.120.58.62
34.98.64.218
52.51.99.213
54.72.3.113
66.148.122.12
00573904e0947050a672688a2de7001e7919dee72aeaca2ca76a019769bf779a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
084dc9ea95c46384ce7f7e88f6b97b9f6f1dc853452d38381b60d6fc4b98f963
12be5269d1c647a670d6a50d937f69600e1081cf5a8296fcba0928871f4fa82a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1712db2ac9948f052b629d35a83530960b4f24075b69c2a8b3f7323697f20235
173ca12c53dbd825fa2484f65be9d4fe19c8018f07ecd1f9333e51abed034c45
1826f8bc556f194624de10594632b35f2298b415d9fb88e6ffb8a93412425f11
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1ea16400c53948fa1d1085f256fb9eae337236bc98bc1d4ae95ddd166e827586
21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
22f646842a87b1c04b83841a9b24b5c9c19ffb2008cb5333ebc364ae78bd38f4
233696a35bae0b239911dab07d77ee042651199052127cd5dceae5ada3752909
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2925c2fd78a8545613e05e65a62920991b7697337d7df6dd7f298298c314c3c0
2abaa2f7540612cb9e838187f9ce81e7f6b86f44bedbb95dbc0ea05375808227
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3286819eba3fa0acba629da69c91bbf88e23fdd122066a89fa9effc2c10f2273
38587d14ecdbee0b173c6773618ab712a02d30f4e8effa50d4ce23dbdafb2cc3
3a2feb24b56b82ab902175a0f2dac33c8959b6565ecbc82967cfb14c91b3ce0f
3a3b8f1947675166325e8785c1058e7d8a2a1946f33a67e0fedb5c0b0ec2a16d
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3b3899ea841a84cde911289630296902bde119aa0e3f3b91b5e7e732ed76cca2
3f84897d884f47f9c98b1656962479b41fde99934e6a3abae8128995b7d81f7b
40151d802d9a94b8b02f5e3a46e99997ef5a258e808a811c0b6d982e6d0d6668
4081306e365ebaa5a82ac37991f041a39b5e20cbd5722b4b7e055a330ad33e02
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48b2d240737cceb970b7b3ef8b86aef31f321c9d51f0af1fa1f4c68544e5d498
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4cbe7bb9745de687f607acc1ead1b089df44b5cce93a66242963b53805b9e972
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50c9201fab5a8a851d4a225b1fdb97338c461b2aaee7357c235f26dfa7126168
5316717f872a3b46022c0c6b37009e1a18df8809a0cd70a58d8c47fd97f9919c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6198906618e16d690a96c26c2b84c2f3f1914b5378934bbb0e98571bf7d2ef2a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e55dc5b89312f03ebd2518b510b5a35ce9cf9fed2040a615bc26db5ead101a
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
68234bdd5e6c3a1697ac661488508e67a305b533b2010eb6d62ee1a1d1cba936
69647234c8d375daf4e6dd3f1e77696130b93de45c0e0782f532072f0db6b84e
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6b795217fa0b8bc28fac5f730b95b12d32163719b677218a42fcbf255df7b64b
6c958b3ea583cf0a2e50ee6ad6e8ef42ddd4b8269d760492fbd6d6dcc956d51d
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6f14b91b14c4637a27cb6b6173683cb02c0244fd40c6025d2bfbe50722c6ec33
6f6264f04d843c514e8b7a830c18a6ac059bf15f500ea1b8d37a619e84e71f85
6fc2a0bea2cda2fcc7e53732f4cc0730e67278ce60df27bb46b24ea08e4ae2dd
704e114e54b10c3d540803bd4d7ae85d8f8b6cf3f28e092fb7d4e19649edbc3c
71a694292b2eacfe4de8fcd9ac5fdbc39299c0deb51f90632160e3ec1fbc7455
7353f38aea7531cf75b6956444c88ad39ef2a01de31d30c39322a5c084c034db
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
742f8b6353637386a4c7f07fffcb68f3200f560276bd69a24f1f604f05234f5c
7548c2065ae21660aea80c5c9fb4dbf15fd8bfa668d7574a5b34e038cc38c32e
75e1b1dfdbdad530be5fca03b82a526fd133f241b5d66d49d2c4e6dc5eeea4b4
77f1a877bb9db6390e51f4955c0c2c6cdc526fc72e10e71704a458337a84f6d2
79667d73e01957bf9a1ec39fa698272189513be7f0fecad9ebb19d3dca73a684
79c13ed25a7b0cf178f41ce901f34d65f16245a18a3cc10b5fd08935e34da371
7b29ff7bf8060330b652f7427194b93593e9f54cc8021130a0f6ddd337a01a57
7d0bb20c632bb59e81a0885f573bd2173f71f73204de9058feb68ce032227072
7d46496177f660fe1c4d3b3be0361fefa1a4fc87665736441f5234ea8ee9c762
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
80c5630bd998428bbd2d4fe7f03d70379900fa22a0208cd0d5d279b3373d1f8a
83f2f162f1f1fd6ca3bfe7bd1898836ecaa17998ad6c7aef61574aeed93d7066
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88ad4d37f6492e16332932f9a6fb34b7f466b9766c5aa0fe6b5cd9b78968e466
894011cff758a43f1db57b26424ea2befcdc85b25e09c91e139040a22cb10e7f
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8cea4563c715980dcdc3270e88fe6c3bf9e968679e2e937853073d73d9bd16ac
8ed644a7ac423794f1438a7852f4c91d6a49a34715f00a0b070bc2fa65b98daf
901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe
90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772
911d7e1d5185c15f5233f33d3eb6b1ebd2035f30c8c5eb6f86d7d52f0a1dfcea
914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
95c31562dc3b3fc49d6c2f9ac9e1c28ca60ed70c27aae32fac27dde4d4f1c955
981cbb443b687a8a75cd46f5ba465b14f93288ede3ad28e40510397a69b00e36
9ab2aae1e13e9678b5ff7477eb2376325e1793cd3dceeed0b980d6c59522828c
9ac5a7ed180980e32f7784d9aca819bc93d7906f2d17f24070433983b5f4728d
9dff86236cf2576cf2a6087ddf3031e7f90c9d486434cf8771c7c587cfc7a43f
9e33938e78a752de61dc41342b8dded449abd1b89283c9e60b55d4e27bf26076
a19a356741e542145b8c793af8228b24fe2a829d0c23c77c3c104b192c1c45bc
a1fdff4f56776081bad6c396fe97e047efbc2614f46c75de306ddf0ae6a59de7
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3024b9f4a8863af77a271745a863f6241c1724ba82c88ee694792de008b556a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a44b1d47983a8562bab76664d05f8800b11ee06e0a0a3aaae142ec8c89c0edeb
a4935d49528d0a5a6b2444b81c23246aac70cb7a9a7d64e2da2af33aac28611f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f4341c04d4c1e2403520f89ab9c545073062f1f958e7f2bcbe1b6d531766ec
a748372cf228deacc6dd8ffebd2738049532244bebe54d2a857105d68f56bb65
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
acd2d49d3d35234b751a11a6f6058bc7a7b583d9ae90a4558abe5c20eb358971
ae5e8b709455fcc6d0c794c6dcdadef5d38438725e865856d35d6a117ce8b525
b2d12c137666d74f87b9ab3c779b4fac5eb51d9c1cf084a4dffc2f4fddba64d4
b387236b9d741df5f1011ecbbc45bf92f3ba7bbb5671531d34c33562684113af
b4d43cf1399dfbde3268e511b164fc08fe5205566e15803cfcdf1c357bd0e71c
b637638d704015822114b8c9c1f726b106517e106b5fca956dcf4ea3148126ad
b6dcca3034056688691afb759a5900f22c16648c2f09bbc17b02afbf859d2de6
b757a0dee6c422633be4a50591ef9b24d0d784ef79308f547bbe7c58211d03bf
b808d20a01170f042d1d5dca1f9fced55f903f08d82a7bdc6ab4aefc3c5bb5e5
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bdc8bbcee8aa8d0e278356b12835283889e961e6d1c044bf2f1e2acd87046332
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
bfb31a9a54357a5189b69febe6c2bf42581a8c94220ca4d90d5efa7febe1f571
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c169e91e4593c5a08e3ed9c64cca4dd4a5d16b9f3c4e40be881dda25e40514eb
c23424ac891c95e2607e6da526bc4910b9aa2b2532cb432733adb5372c8efb63
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
ca5567c5403ebe82f9cd64ced3aa8a275e568eb4954e0462e0c201d0544ab076
cc1f3360b946e8036a2c1043c8ef263954fc238a153773cd7b709780f391c479
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ceb731414616837d5947ccd22c0f009ddc9cc7b4730a4932f9debde250e9c471
cf4a1a351a1fb887cb118f334763ba492b4a604f4d7a56b41dc7596a940f0bdf
d01e47bb8834a14c76103f00ca2a152e044aaf4a352d94862c6ab459d1e3ff57
d04408d5ad5dd8169fec9d83452c699857c6a511da03ca28c57aa44869773ad5
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d10876ad6dbebeba44dc403c0808dde6863a3996f9030609b313c53c13a23799
d433cb148eb4eef9efc4e68cf9a57bc9ab93b6a8b6834bbe1ad8a812c2570500
d65444050dd5572df82f27fca3c960e883d333c4f7d84552b007756d1728610c
d78ccfcc7808614d9f6dec910d68b156eff47813aa843603bf7dc17e0b2381d2
d9788f957a0264a11cf4beeac5436e49aa2b908d80c60bcf6681a4e4e8113318
e13491499f5b076127246b7d73d8a4e086307134f138d0bf66655bd26eacc7a0
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b51420d0d2ec905c232e07b8c28926305a18268dbc98e5134b0d172e0f340c
e518db1e1833f09a135991b298388dfc9316d191df321185fcd2c9e96f2b776c
e6347309453f94375e038094fca0441218e992441dfb54ed0fbc4a047d45db22
e66712f5ef206abf93cc3fc6b5b2cba276ccf8db3b159cf70793f639d751b90e
e75a9a7ddc551ab27abfa4c3c85970e42e5f2e7349afe651db1fda8912cc8929
e835a77d111f81e55a5d5262856528c470f9547493726053f0c73871fe3c6e35
e8a2b59ba6284dd0b365349f4587e5cd1fa5dd4e9d3dd246bd4f562e0af26d2a
e9d9c73303f3f01bf623e1a7f11a44b2d1a9c1c0ed263cbde30afbbc786e6fa8
eb71fa34962dd68703df6691338fa645cf32299171e17c74be69c55812efbe3c
ed0791d2019df55609fed92dbd4d8ecef07c3e556aca283d7a8e1aabdfbdfef4
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee35c2f04d0b8bf3a32e8102128ffe1d827c962666cc8352ccef83477f570c4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d839ec6de5b5f24e4bbefacfac47176219210c6b1493b7457a1b62079823ce
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
f9d46ca57e0b35c07ed7c77f780f2c4dc9076c6aec6cf4a7a2c3c28ea5ff8fdd
fcb936c1a106e65cc9e27d69e59da286dc6a7bdaeba7ce603177f509d1fc4639
fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596
feb53de7103cfe17c2e2a4468dfd1c7c54250b52f433f033b16f1dc89e4d5de5
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.news-star.com Open in urlscan Pro 66.148.122.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

99 %HTTPS

56 %IPv6

34 Domains

48 Subdomains

42 IPs

5 Countries

6231 kBTransfer

12189 kBSize

18 Cookies

20 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.news-star.com Open in urlscan Pro
66.148.122.12 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

99 %
HTTPS

56 %
IPv6

34
Domains

48
Subdomains

42
IPs

5
Countries

6231 kB
Transfer

12189 kB
Size

18
Cookies

204 HTTP transactions
5 data transactions