urlscan.io logo urlscan.io
SecurityTrails logo

www.staradvertiser.com Open in urlscan Pro
34.68.132.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.staradvertiser.com/
Effective URL: https://www.staradvertiser.com/
Submission: On April 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 8 countries across 94 domains to perform 771 HTTP transactions. The main IP is 34.68.132.100, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.staradvertiser.com. The Cisco Umbrella rank of the primary domain is 107252.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2022. Valid for: a year.
This is the only time www.staradvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 79 34.68.132.100 15169 (GOOGLE)
17 2600:9000:224... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:226... 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
1 2a04:4e42:e00... 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
1 54.214.32.184 16509 (AMAZON-02)
6 52.217.87.156 16509 (AMAZON-02)
13 34.96.77.232 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
18 2606:4700:303... 13335 (CLOUDFLAR...)
3 18.66.248.111 16509 (AMAZON-02)
2 35.184.218.133 15169 (GOOGLE)
1 22 2a00:1450:400... 15169 (GOOGLE)
2 8 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
4 23.35.236.201 16625 (AKAMAI-AS)
19 65.9.66.173 16509 (AMAZON-02)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 18.66.242.20 16509 (AMAZON-02)
1 3 13.32.99.23 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
5 54.183.116.163 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
10 2a04:4e42:200... 54113 (FASTLY)
5 6 2600:9000:215... 16509 (AMAZON-02)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
6 178.250.2.146 44788 (ASN-CRITE...)
1 52.88.84.193 16509 (AMAZON-02)
1 52.160.40.218 8075 (MICROSOFT...)
8 2a00:1450:400... 15169 (GOOGLE)
64 142.250.185.194 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
1 143.204.202.12 16509 (AMAZON-02)
7 99.86.7.88 16509 (AMAZON-02)
7 108.157.4.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 50.16.121.35 14618 (AMAZON-AES)
5 2600:9000:249... 16509 (AMAZON-02)
3 54.210.75.204 14618 (AMAZON-AES)
6 2600:9000:231... 16509 (AMAZON-02)
2 35.244.184.131 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 204.237.133.116 62713 (AS-PUBMATIC)
1 216.58.212.134 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 185.59.220.193 60068 (CDN77 ^_^)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
1 143.204.98.65 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.196.36.29 14618 (AMAZON-AES)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
4 18.207.20.6 14618 (AMAZON-AES)
1 52.1.176.199 14618 (AMAZON-AES)
3 2600:9000:205... 16509 (AMAZON-02)
12 151.101.65.194 54113 (FASTLY)
2 52.204.11.137 14618 (AMAZON-AES)
19 20.60.81.107 8075 (MICROSOFT...)
1 51.89.21.5 16276 (OVH)
1 54.154.13.151 16509 (AMAZON-02)
3 35.71.131.137 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
3 108.157.4.91 16509 (AMAZON-02)
1 2a00:1450:401... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 104.89.31.187 16625 (AKAMAI-AS)
3 46.105.202.126 16276 (OVH)
61 2a00:1450:400... 15169 (GOOGLE)
1 2602:803:c003... 26667 (RUBICONPR...)
1 178.250.2.131 44788 (ASN-CRITE...)
3 185.33.220.100 29990 (ASN-APPNEX)
1 213.19.147.42 3356 (LEVEL3)
2 216.52.2.39 29791 (VOXEL-DOT...)
1 34.98.64.218 15169 (GOOGLE)
2 23.32.59.34 16625 (AKAMAI-AS)
1 3.121.204.40 16509 (AMAZON-02)
1 99.86.7.126 16509 (AMAZON-02)
1 13.226.132.97 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
2 2a04:4e42:3::720 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.255.62.202 36483 (GOSSAMERT...)
2 2a02:2638::2 44788 (ASN-CRITE...)
4 2a02:2638:1::4 44788 (ASN-CRITE...)
2 178.250.2.129 44788 (ASN-CRITE...)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
2 10 142.250.185.98 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
1 34.120.58.62 15169 (GOOGLE)
28 2a02:2638::3 44788 (ASN-CRITE...)
4 178.250.2.148 44788 (ASN-CRITE...)
4 178.250.2.150 44788 (ASN-CRITE...)
21 2a00:1450:400... 15169 (GOOGLE)
13 178.250.0.139 44788 (ASN-CRITE...)
2 2600:1901:0:7... 15169 (GOOGLE)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3.123.114.98 16509 (AMAZON-02)
2 4 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 35.186.253.211 15169 (GOOGLE)
1 1 23.35.228.23 16625 (AKAMAI-AS)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 216.200.232.253 30419 (MEDIAMATH...)
1 1 151.101.66.49 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 185.64.190.78 62713 (AS-PUBMATIC)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
8 8 84.200.5.215 44066 (DE-FIRSTC...)
4 78.46.85.162 24940 (HETZNER-AS)
1 52.28.203.152 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
4 46.236.13.147 12703 (PULSANT-AS)
2 143.204.202.116 16509 (AMAZON-02)
4 54.76.212.160 16509 (AMAZON-02)
771 128
79    34.68.132.100 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 100.132.68.34.bc.googleusercontent.com
www.staradvertiser.com
17    2600:9000:224a:f400:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
6    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2156:8e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:2260:e200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
13    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.214.32.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-32-184.us-west-2.compute.amazonaws.com
staradvertiser-hi.newsmemory.com
6    52.217.87.156 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sa-media.s3.amazonaws.com
recruitology-static.s3.amazonaws.com
13    34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
18    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
3    18.66.248.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-111.dus51.r.cloudfront.net
widgets.recruitology.com
2    35.184.218.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.218.184.35.bc.googleusercontent.com
dining.staradvertiser.com
hawaiirenovation.staradvertiser.com
22    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
19    65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a02:26f0:f7::5c7b:e01c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:224a:5000:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    18.66.242.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-20.dus51.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
3    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
5    54.183.116.163 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-116-163.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
9    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
6    2600:9000:2156:8c00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    52.88.84.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-84-193.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
8    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
64    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
10    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    143.204.202.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-12.fra53.r.cloudfront.net
ecdn.analysis.fi
7    99.86.7.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-88.fra6.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
7    108.157.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-74.dus51.r.cloudfront.net
ats.rlcdn.com
2    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    50.16.121.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-121-35.compute-1.amazonaws.com
ping.chartbeat.net
5    2600:9000:2491:3600:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
3    54.210.75.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-75-204.compute-1.amazonaws.com
geoip.instiengage.com
6    2600:9000:2315:6800:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
2    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
2    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
4    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    204.237.133.116 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net
cdn.materialdesignicons.com
4    2606:4700:3037::6815:8fa (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
2    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net
geo.privacymanager.io
4    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    34.196.36.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-36-29.compute-1.amazonaws.com
www.i.matheranalytics.com
1    2a02:26f0:64::210:6bc1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
4    18.207.20.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-20-6.compute-1.amazonaws.com
geoip.insticator.com
b2c.insticator.com
1    52.1.176.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-176-199.compute-1.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
3    2600:9000:2057:f200:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
12    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    52.204.11.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-11-137.compute-1.amazonaws.com
event.insticator.com
19    20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
1    51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com
id5-sync.com
1    54.154.13.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-151.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
3    108.157.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-91.dus51.r.cloudfront.net
get.s-onetag.com
1    2a00:1450:401b:800::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
3    104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
61    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    213.19.147.42 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
firstimpression-d.openx.net
2    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    3.121.204.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-204-40.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    99.86.7.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-126.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.226.132.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-97.dus51.r.cloudfront.net
signal-beacon.s-onetag.com
3    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
2    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
3    2a00:1450:4001:808::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
5    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.255.62.202 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS, CA)
tradehouse.advertserve.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
4    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.2.129 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
10    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
28    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
21    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
28    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    3.123.114.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
4    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    216.200.232.253 (Monrovia, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
8    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
4    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
partner.blau.de
1    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
4    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    143.204.202.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-116.fra53.r.cloudfront.net
analytics.webgains.io
4    54.76.212.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
93 googlesyndication.com
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
682 KB
81 staradvertiser.com
www.staradvertiser.com — Cisco Umbrella Rank: 107252
dining.staradvertiser.com — Cisco Umbrella Rank: 582301
hawaiirenovation.staradvertiser.com — Cisco Umbrella Rank: 585381
932 KB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
ad.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
static.doubleclick.net — Cisco Umbrella Rank: 340
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
605 KB
45 criteo.net
static.criteo.net — Cisco Umbrella Rank: 632 Failed
csm.eu.criteo.net — Cisco Umbrella Rank: 7420
pix.eu.criteo.net — Cisco Umbrella Rank: 7400
358 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2723
ad4m.at — Cisco Umbrella Rank: 2329
assets.ad4m.at — Cisco Umbrella Rank: 36633
527 KB
26 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
38 KB
26 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
847 KB
25 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
bidder.criteo.com — Cisco Umbrella Rank: 758
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058
ads.eu.criteo.com — Cisco Umbrella Rank: 7422
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11325
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555
139 KB
21 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 282
fonts.googleapis.com — Cisco Umbrella Rank: 46
jnn-pa.googleapis.com — Cisco Umbrella Rank: 272
storage.googleapis.com — Cisco Umbrella Rank: 492
151 KB
20 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
706 KB
19 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 30862
705 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
241 KB
18 gstatic.com
www.gstatic.com
fonts.gstatic.com
547 KB
18 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 10726
9 KB
15 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 68340
snowplow.ownlocal.com — Cisco Umbrella Rank: 98439
563 KB
12 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1576
460 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
image8.pubmatic.com — Cisco Umbrella Rank: 605
image2.pubmatic.com — Cisco Umbrella Rank: 898
image6.pubmatic.com — Cisco Umbrella Rank: 622
246 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
85 KB
9 instiengage.com
geoip.instiengage.com — Cisco Umbrella Rank: 24234
auth.instiengage.com — Cisco Umbrella Rank: 20377
77 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
746 KB
8 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1312
api.rlcdn.com — Cisco Umbrella Rank: 821
263 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
610 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 17877
cdn.firstimpression.io — Cisco Umbrella Rank: 18219
332 KB
7 amazonaws.com
sa-media.s3.amazonaws.com — Cisco Umbrella Rank: 326853
recruitology-static.s3.amazonaws.com — Cisco Umbrella Rank: 199232
h99w9l39sa.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 28400
324 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19570
api.webgains.io — Cisco Umbrella Rank: 54577
103 KB
6 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 22050
b2c.insticator.com — Cisco Umbrella Rank: 17615
event.insticator.com — Cisco Umbrella Rank: 16733
4 KB
6 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3195
165 KB
6 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2361
4 KB
6 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 942
137 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
112 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3573
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4347
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4559
30 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5383
adservice.google.de — Cisco Umbrella Rank: 7579
2 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2551
238 KB
5 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1183
3 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 510
p.typekit.net — Cisco Umbrella Rank: 625
38 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41028
175 KB
4 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 63407
2 KB
4 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 65798
1 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 824
s.tribalfusion.com — Cisco Umbrella Rank: 2497
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98327
static-de.ad4mat.net — Cisco Umbrella Rank: 147569
8 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
cdn.id5-sync.com — Cisco Umbrella Rank: 1681
34 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 15619
449 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 897
70 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 12903
www.i.matheranalytics.com — Cisco Umbrella Rank: 13892
42 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
40 KB
3 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 98346
543 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
2 KB
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1654
51 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
639 B
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
67 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
2 KB
3 recruitology.com
widgets.recruitology.com — Cisco Umbrella Rank: 149120
12 KB
3 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1381
cdn.polyfill.io — Cisco Umbrella Rank: 2363
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1216
mab.chartbeat.com — Cisco Umbrella Rank: 2301
24 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682
66 KB
2 blau.de
partner.blau.de — Cisco Umbrella Rank: 92681
3 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 75750
3 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 769
r.turn.com — Cisco Umbrella Rank: 3288
869 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5130
720 B
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1914
690 B
2 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 4678
158 KB
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 463
671 B
2 openx.net
firstimpression-d.openx.net — Cisco Umbrella Rank: 50206
rtb.openx.net — Cisco Umbrella Rank: 1537
734 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
1 KB
2 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 23048
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 63068
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 36322
26 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 35975
p.cityspark.com — Cisco Umbrella Rank: 24444
22 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1668
738 B
1 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 846
297 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
577 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 576
537 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 445
861 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1824
1 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 21283
522 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 51448
104 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2791
82 B
1 advertserve.com
tradehouse.advertserve.com — Cisco Umbrella Rank: 92926
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1787
164 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
178 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
1 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
343 B
1 azureedge.net
csp.azureedge.net — Cisco Umbrella Rank: 34562
61 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
6 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1433
592 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1340
3 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1170
201 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 22035
5 KB
1 newsmemory.com
staradvertiser-hi.newsmemory.com — Cisco Umbrella Rank: 361059
37 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3577
115 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3264
44 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
771 94
Domain Requested by
79 www.staradvertiser.com 1 redirects www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
61 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.staradvertiser.com
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
tpc.googlesyndication.com
d3plfjw9uod7ab.cloudfront.net
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
45 securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
www.googletagservices.com
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
securepubads.g.doubleclick.net
28 static.criteo.net ecdn.firstimpression.io
ads.eu.criteo.com
22 www.google.com 1 redirects www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
www.youtube.com
www.google.com
securepubads.g.doubleclick.net
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
tpc.googlesyndication.com
21 pagead2.googlesyndication.com www.googletagservices.com
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
www.staradvertiser.com
securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
tpc.googlesyndication.com
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
20 www.googletagservices.com www.staradvertiser.com
securepubads.g.doubleclick.net
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
d3plfjw9uod7ab.cloudfront.net
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
19 citysparkstorage.blob.core.windows.net www.staradvertiser.com
19 c.amazon-adsystem.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
srcdoc
c.amazon-adsystem.com
ecdn.firstimpression.io
18 analyticssystems.net www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
17 d3plfjw9uod7ab.cloudfront.net www.staradvertiser.com
securepubads.g.doubleclick.net
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
13 pix.eu.criteo.net ads.eu.criteo.com
13 origami.secure.ownlocal.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
cdnjs.cloudflare.com
13 fonts.googleapis.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
origami.secure.ownlocal.com
client
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
cdnjs.cloudflare.com
12 assets.ad4m.at as.ad4m.at
12 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
www.staradvertiser.com
11 cdnjs.cloudflare.com www.staradvertiser.com
origami.secure.ownlocal.com
d3plfjw9uod7ab.cloudfront.net
cdn.cityspark.com
ads.eu.criteo.com
10 cm.g.doubleclick.net 2 redirects 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
9 www.youtube.com www.staradvertiser.com
www.youtube.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 www.gstatic.com www.google.com
www.gstatic.com
www.youtube.com
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
8 cdn.jsdelivr.net 2 redirects www.staradvertiser.com
origami.secure.ownlocal.com
d3plfjw9uod7ab.cloudfront.net
cdn.jsdelivr.net
7 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
7 ats.rlcdn.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
ads.pubmatic.com
6 assets-jpcust.jwpsrv.com www.staradvertiser.com
6 auth.instiengage.com d3plfjw9uod7ab.cloudfront.net
auth.instiengage.com
d3lcz8vpax4lo2.cloudfront.net
6 mug.criteo.com www.staradvertiser.com
6 gum.criteo.com 3 redirects
6 cdn.jwplayer.com 5 redirects d3plfjw9uod7ab.cloudfront.net
6 use.fontawesome.com www.staradvertiser.com
use.fontawesome.com
d3plfjw9uod7ab.cloudfront.net
5 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
5 d3lcz8vpax4lo2.cloudfront.net d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
5 ssl.p.jwpcdn.com content.jwplatform.com
d3plfjw9uod7ab.cloudfront.net
5 jadserve.postrelease.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
4 api.webgains.io analytics.webgains.io
4 track.webgains.com as.ad4m.at
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 csm.eu.criteo.net ads.eu.criteo.com
4 cat.nl.eu.criteo.com ads.eu.criteo.com
4 ads.eu.criteo.com 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
4 adservice.google.com d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
4 adservice.google.de d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
4 jnn-pa.googleapis.com www.youtube.com
4 rsms.me origami.secure.ownlocal.com
rsms.me
4 unpkg.com origami.secure.ownlocal.com
4 ecdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
4 www.google-analytics.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 ads.pubmatic.com www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
4 use.typekit.net www.staradvertiser.com
use.typekit.net
d3plfjw9uod7ab.cloudfront.net
3 image8.pubmatic.com 2 redirects www.staradvertiser.com
3 storage.googleapis.com www.staradvertiser.com
3 us-central1-kube-ownlocal.cloudfunctions.net www.staradvertiser.com
3 ib.adnxs.com ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
3 cdn.id5-sync.com www.staradvertiser.com
3 secure.cdn.fastclick.net www.staradvertiser.com
3 get.s-onetag.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 match.adsrvr.org d3plfjw9uod7ab.cloudfront.net
ads.pubmatic.com
3 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
3 geoip.insticator.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 cdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
3 googleads.g.doubleclick.net 1 redirects www.youtube.com
www.staradvertiser.com
3 geoip.instiengage.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 www.facebook.com www.staradvertiser.com
3 i.ytimg.com www.staradvertiser.com
www.youtube.com
3 recruitology-static.s3.amazonaws.com www.staradvertiser.com
3 sb.scorecardresearch.com 1 redirects www.staradvertiser.com
3 widgets.recruitology.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3 sa-media.s3.amazonaws.com www.staradvertiser.com
3 maxcdn.bootstrapcdn.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
2 analytics.webgains.io track.webgains.com
2 partner.blau.de as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 static-de.ad4mat.net as.ad4m.at
2 d5p.de17a.com 2 redirects
2 s.tribalfusion.com 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
2 a.tribalfusion.com 2 redirects
2 protected-by.clarium.io 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
2 prod-rtb.ad4mat.net www.staradvertiser.com
2 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 rtb.nl.eu.criteo.com 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
2 rtb.fr.eu.criteo.com 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
2 images.unsplash.com www.staradvertiser.com
2 htlb.casalemedia.com ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
2 ap.lijit.com ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
2 event.insticator.com d3plfjw9uod7ab.cloudfront.net
2 www.i.matheranalytics.com www.staradvertiser.com
2 cdn.materialdesignicons.com 2 redirects
2 hbopenbid.pubmatic.com d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
2 cdn.polyfill.io origami.secure.ownlocal.com
2 snowplow.ownlocal.com www.staradvertiser.com
2 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2 js.matheranalytics.com 1 redirects www.staradvertiser.com
2 connect.facebook.net www.staradvertiser.com
connect.facebook.net
2 static.chartbeat.com www.staradvertiser.com
1 apex.go.sonobi.com d3plfjw9uod7ab.cloudfront.net
1 c2shb.ssp.yahoo.com d3plfjw9uod7ab.cloudfront.net
1 image6.pubmatic.com 1 redirects
1 s0.2mdn.net 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 cs.media.net 1 redirects
1 rtb.openx.net 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 americanhometownmedia.com www.googletagmanager.com
1 image2.pubmatic.com 1 redirects
1 prd.jwpltx.com www.staradvertiser.com
1 tradehouse.advertserve.com www.staradvertiser.com
1 www.googletagmanager.com www.staradvertiser.com
1 signal-beacon.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 onetag-geo.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 hb.emxdgt.com ecdn.firstimpression.io
1 firstimpression-d.openx.net ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 bidder.criteo.com ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 api.rlcdn.com d3plfjw9uod7ab.cloudfront.net
1 id.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 id5-sync.com d3plfjw9uod7ab.cloudfront.net
1 b2c.insticator.com d3plfjw9uod7ab.cloudfront.net
1 h99w9l39sa.execute-api.us-east-1.amazonaws.com d3plfjw9uod7ab.cloudfront.net
1 csp.azureedge.net d3plfjw9uod7ab.cloudfront.net
1 yt3.ggpht.com www.youtube.com
1 geo.privacymanager.io d3plfjw9uod7ab.cloudfront.net
1 static.doubleclick.net www.youtube.com
1 widgets.outbrain.com www.staradvertiser.com
1 ad.doubleclick.net www.staradvertiser.com
1 ping.chartbeat.net www.staradvertiser.com
1 www.google.de www.staradvertiser.com
1 ecdn.analysis.fi d3plfjw9uod7ab.cloudfront.net
1 p.cityspark.com d3plfjw9uod7ab.cloudfront.net
1 aamcf.aamsitecertifier.com www.staradvertiser.com
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 d2na2p72vtqyok.cloudfront.net www.staradvertiser.com
1 aamcftag.aamsitecertifier.com www.staradvertiser.com
1 p.typekit.net use.typekit.net
1 hawaiirenovation.staradvertiser.com www.staradvertiser.com
1 dining.staradvertiser.com www.staradvertiser.com
1 cdn.cityspark.com www.staradvertiser.com
1 staradvertiser-hi.newsmemory.com www.staradvertiser.com
1 polyfill.io www.staradvertiser.com
1 s.ntv.io www.staradvertiser.com
1 content.jwplatform.com www.staradvertiser.com
1 ajax.googleapis.com www.staradvertiser.com
0 google2waycm.netmng.com Failed 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
771 150
Subject Issuer Validity Valid
*.staradvertiser.com
Go Daddy Secure Certificate Authority - G2		 2022-01-29 -
2023-03-02		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-31		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2022-03-07 -
2022-06-05		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-23 -
2022-10-24		 a year crt.sh
*.analyticssystems.net
E1		 2022-04-05 -
2022-07-04		 3 months crt.sh
*.recruitology.com
Amazon		 2021-06-13 -
2022-07-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.aamsitecertifier.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-24 -
2022-04-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.postrelease.com
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2022-02-18 -
2022-05-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
*.azureedge.net
Microsoft RSA TLS CA 01		 2021-10-28 -
2022-10-28		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2021-07-22 -
2022-08-20		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-03-21 -
2023-03-21		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.camp-fire.jp
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-20 -
2022-06-21		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.advertserve.com
Go Daddy Secure Certificate Authority - G2		 2022-03-03 -
2023-04-04		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-05-10 -
2022-07-09		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-02-19 -
2022-05-20		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.staradvertiser.com/
Frame ID: 946E795CEA14E5284AFD8DFDDC1F6616
Requests: 263 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Frame ID: AE9B91258C439CF95E599CB39773A130
Requests: 20 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 29A35449DEC519E68EE5248C7AB42C25
Requests: 2 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: 1F836AA356AE04E6E2D54D0FC405CB8E
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Frame ID: 802AE4BD3818F9656F5D0622E700450E
Requests: 7 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: F8E532D315003A4EC0C310027E6949F9
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1C23C1E62E593F8E85C000BB0C4BC75C
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 171AF5C0E23018CBE7FF3CC21D0722C7
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: C2C6BC8F32E7713C22CA401572F88242
Requests: 18 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 4A0C7C2E2E47F78360523566AE27DF6A
Requests: 9 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 035DAF4A9F67B4CD84340B5445DC7887
Requests: 1 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 1D225E2CCD33308945828EC8C164D374
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 03DBADBD19E40B96496EDF474ACA8865
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: A359974B1BF18D1CFD02D176844B1EE9
Requests: 11 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BD4C73FC0520587C57B8DA7EEB904E1
Requests: 19 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0482D846842967BDAFFBEC167EA4E9AD
Requests: 19 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 0731D38599D5F7F074CFB658953209FB
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: C1A24E7B2B7A8F5AEF1008718AED274A
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 53D947ADD4A163EF8250B32B2E2E8B1E
Requests: 27 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2DBDFFA27EA959957FD6B98D531E0084
Requests: 12 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42A93E78DC2BFEC431421139C1C99FEB
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 63AE832DB3C52984F503381642F26A32
Requests: 13 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: DDA4534A2240A2D3CC1CD35453AC773E
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: AA86777F6EA593D51495628683F9AD63
Requests: 8 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 08DC9496DF1DF9B173F802F76C4114E5
Requests: 27 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 2B2F8ABB539548DC74568AB786ABC0AB
Requests: 12 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B0E3B255030BFD5CEDF728147B0E5EA
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 007361E4D43F16C736EC5D633BC755DB
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: E7E6F7666F44AFC144249F201026F2A1
Requests: 22 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: F3A8A1C1DF52D66B76725513E9307A3C
Requests: 2 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: F3B06F711D20B2CB1147ABF6811E325A
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 9B42C21D90AE19338B4D7ED4CDCC6341
Requests: 10 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: C2BD488A83C1D697B71CF05144E5FB8F
Requests: 9 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 15CB017E0EAA77D8F49F0263FF6360F4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 0BC565770199C3E53E416E95068C1784
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 29AB0B3C689DCAD67BBF976E5FF29DB2
Requests: 1 HTTP requests in this frame

Frame: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F56AE6ACA6D062594F754A33E019F6FD
Requests: 1 HTTP requests in this frame

Frame: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F896D6EEB320DF5FB879138BD3D6DDAF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 920D200D3397161EB633D12ADB812449
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 156D937C28FDDD292768151381B264DA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AE543F6C9350CE9FEC33F2238E9A87D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81F9ADA985E2434FB3D41E747A49226D
Requests: 2 HTTP requests in this frame

Frame: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5FDE2DAC66C99451B6CA12A0A7EB3C00
Requests: 9 HTTP requests in this frame

Frame: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 38D3BAC6BE999E0F33DD3F856855767D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hr6v59r6gg7j4kgyqm0z1scscpvtp0xf9qsy33wdevg4nba9kex0nbmd3j6w6f8sw64b51hmjv0by0vrwvfxj7shffk685fxjcmbfw9edzr2f2q096t5ne4hf56gfpxj8p0jpd3pav5x7ka91270dhhh5ar6fgb7555zsnvg75t5ch2k5w5pqetdqhfredagpqm94thes7mfh0p1zn6514mhdfsm0ngaz2prs28dngptne102pwexktdrdndpkv8jfx61g8vey1rynyv6fbz89pw9a4h2xxba6daqfrjj4r1qvhphfbzkdm945btck54r7vv41mvaw2bk7tgj4zp04fk71pedeqnqjyf24nhn2wzf7mbe4n2kds11jna36r6xxcqv0g6eg3vdyhg33vycmzr4ywkbzn5v9019mzdrxg3yw848x0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 54E0304CD60BC493810B4D0153CD143C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 492A8D2CADB6627F5DD7D624F5C5BC4F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8AAC69CF7E1EE35A2853CC5C2A40E966
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A0CB0C49DFFF4CA0AB3497F40817DBF
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k6dhqbxb6v59cjjj99cxqka5dfketejnbp82tvqratvhpven6tq7nm7nyxtgfkrd2915rqc9axsfq7skzz5z2gvz2rd7094t5s2jsafq4k4xbht2cftcmbd3hwmh84ccx55sv31mf0k7v1vpcy9481rz32jfer5tmw4bptn5463nj6fy3mffhhzvs2rxkp707tb67j60gxk6r1qqj2q857e7az0c9ykjexnakt54ea9shyy715dsem1v3wxgd82qfjp0r8afjj0jcqr933rf01hbe11nkn83212cv0a32vzhnb8hb9sz8wnd074m5rnb3tzkyx131hrgepnfbqrpjnp7e84d8w7tvgc0gv4r1357kc947jp4m71w3ehkyynazbk093vd3dypxjje2cahh4w2d1rfjce47wf6e3v3dswnd616gc9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: F1EF6A84FCB876A8327B4BDAD649FD8D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B2CA10848FD13FF820C3D37BEC028C0
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1779E80321D0A2C5C1C6893AF1487332
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B7CA0E740D1A4EBF5C92ECC76DEFE642
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Frame ID: 9332FBFB74763866F4FD544C253FEAAF
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Frame ID: 707D45D5C756F78A3C8C55234E616295
Requests: 14 HTTP requests in this frame

Frame: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA7AB7BD420736970C06513C3A67F71E
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Frame ID: E37DDF8EE1B736DB3908483AC4EE8B7E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hawaii News | Honolulu Star-Advertiser

Page URL History Show full URLs

  1. http://www.staradvertiser.com/ HTTP 301
    https://www.staradvertiser.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

771
Requests

92 %
HTTPS

46 %
IPv6

94
Domains

150
Subdomains

128
IPs

8
Countries

12814 kB
Transfer

31031 kB
Size

67
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.staradvertiser.com/ HTTP 301
    https://www.staradvertiser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_5VYunxCdFdpcWFxbkpic3BvaU13elhBMGp1UkV6TlZWY3VqSDN3NnovREJGVmlLQUZEa2w2MWRGTW1FZzFvZFlXYzR6ODBINklkcFZ3WVhDRktSSldQSXRnVURBMW1hc1BMTndHU2R1SXd6ZGt6d0YrMkNLeHJKcUJMc2xLblIyUStKNm5lS3gvWWQ2NzBkWkQ0bU5YSkFOMmlOVXFaejVFbjVFMmpiWmpYV2U3UVlwbUV3dVhEaE85TFpWeFd5OFNLclVqUGl1TmgzUytPZ2p2UEx3MFdES1dqWVVsQlBMYjVCK1pCeTlINE4wVE1mMVZYemxLVUZtSXpDd08xaVRXaG9lfA&cppv=2
Request Chain 114
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&ns__t=1650145356943&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1650145356943&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
Request Chain 124
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1592 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
Request Chain 195
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 197
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 203
  • https://cdn.jwplayer.com/strips/pISw3shK-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/pISw3shK-120.vtt
Request Chain 205
  • https://cdn.jwplayer.com/v2/media/pISw3shK/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-720.jpg
Request Chain 206
  • https://cdn.jwplayer.com/v2/media/ReiuWYBP/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-720.jpg
Request Chain 207
  • https://cdn.jwplayer.com/strips/ReiuWYBP-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/ReiuWYBP-120.vtt
Request Chain 227
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 300
  • https://cdn.jwplayer.com/v2/media/pISw3shK/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-120.jpg
Request Chain 492
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 532
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhFMTUwMEItNUMxQi00NkFBLTlGRDEtNEMyQUI4QzUyNUMy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 597
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=8HxPSV9EYTJGZndZdVo2VklTcldhR3VwbkVjOUtOMGNUYnZNUTRMakd1b0pBaFR2bGFnaTFUaXpwaVlvNFBSRG5sOU9HVlBLbjJtczVUMTZrSU5yWjZ0cExkRWJTWFI4RDhVWlkxY3ZDZWFhR1RhQXBUJTJCaDQzdkNMVmZ0SEtRTVVXJTJGMFU&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=T0O0nXxBRHR4dmo1NVhVaWp5ekg0dVpGalJLZnlVY3RKaGM0ZDNNQlcwYVRwUWdXanFJRjlsU0dMNXZOc2dJU0ZJa3ltMnR5UGhLVENxTnh3MTBxbmZvSkF3VUhoZ2Q4OWxGaWZDc2NmYzZMSGJmTGJ1aHBQSDEyTFF1UldKM0pzSVlQNzZsR01SMC91d21FOWQwbkJhenVsWS95Ym9oUXNDSFVIUWF4a3ZxcG1JQ1NQYTFNYWszNUJpSnpaMUViZ1FmdzhmVHRtSC9QRXJycVM2cFFrellkQk5nZzRQbDdEMWtOMVNzOGU5bU5Tei8yVTY2cHFoVnJ6WHZkZytDWUowZUh4eldwT3oyUjZ0ajNWUmZCbGd4L0Vqdz09fA&cppv=2
Request Chain 602
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=8HxPSV9EYTJGZndZdVo2VklTcldhR3VwbkVjOUtOMGNUYnZNUTRMakd1b0pBaFR2bGFnaTFUaXpwaVlvNFBSRG5sOU9HVlBLbjJtczVUMTZrSU5yWjZ0cExkRWJTWFI4RDhVWlkxY3ZDZWFhR1RhQXBUJTJCaDQzdkNMVmZ0SEtRTVVXJTJGMFU&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=sPGY4XxjaG5ML2FYdjR0aS9mZ0M4TlcrbmlCUno1WmhzVmppbS9MNFZtdWFhM1VxeklPUVZweW1vUjRZSEVFTk1DYjJpSnFyMEY4QXJrRlgxUnozd0x4aTNvSzRKNTRNd000ajVyMjBkMUFGS1ZsVE5weVFGTDNXNjdGeDZYaVFKOHNoL1NCQTBzTHUzdzFDRE9HQ0VoNkhFNjZYOFpLWFc1TlI4YzVWbTZJekF3NmFpQVNUQkpkSVhiYzQwdEoxWEhiOHFlSVhZYXpPOUNLUnhNdHJ3M3g5dWhkdXZWd3YwZ0hzazFlTGRZc0w4NVZXQTAxMTF1QUoyZkc0RDBOMDNIU2FDQU5SVTRobWNPZzZRWDBEd1Z0S1lnQT09fA&cppv=2
Request Chain 686
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 687
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGv56j315s2188iBsJHvJco&google_cver=1&google_push=AYg5qPJeCqMAD55O_w_2MZhbe2LEQgeM1f2b-EIWoyb8anZ3TdCg7N0yhaZrs0K_kL3CEB1Ulxaqw3DoD_mW-jLP3uqUE4MJHvo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1wmLSUxmTNm_U0oZXPGSPg2&google_push=AYg5qPJeCqMAD55O_w_2MZhbe2LEQgeM1f2b-EIWoyb8anZ3TdCg7N0yhaZrs0K_kL3CEB1Ulxaqw3DoD_mW-jLP3uqUE4MJHvo
Request Chain 688
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOC_rhXUrL8Y4S6_CY-yL6I&google_cver=1&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65PwLM HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOC_rhXUrL8Y4S6_CY-yL6I&google_cver=1&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65PwLM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65PwLM
Request Chain 690
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEPuuMmSk5YXtLOG8oe4uMIk&google_cver=1&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
Request Chain 691
  • https://match.360yield.com/match/ebda?google_gid=CAESEOZ_xNx27mKCkJK_l8gM0d8&google_cver=1&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOZ_xNx27mKCkJK_l8gM0d8&google_cver=1&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE
Request Chain 692
  • https://cs.media.net/cksync?type=g&google_gid=CAESEA9AJY_v9AI2-t33bGe0pRQ&google_cver=1&google_push=AYg5qPIPKtQvshMM5nYz9Bsp-qKta7y9K5nVnRL_MdPlinu-w2Osj41qeOsd6YbrXd4OAcNnxaBgsE-QEsKt3ljvHR3N2jJy-0w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&mn_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIPKtQvshMM5nYz9Bsp-qKta7y9K5nVnRL_MdPlinu-w2Osj41qeOsd6YbrXd4OAcNnxaBgsE-QEsKt3ljvHR3N2jJy-0w&gdpr=&gdpr_consent=
Request Chain 695
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAycK-NHYs_-xB07hph3x4I&google_cver=1&google_push=AYg5qPKo6b5-iICotkHKE84jkZGBavnZ3nVqZLnBlpdVnpVNyyxA3fmDg7JceL0gjpd6eeJiRNTLGnUhQ92ZzXmRGgkuidyFutcU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU2MzQ0MjU0ODQ4OTY4MzkxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAycK-NHYs_-xB07hph3x4I&google_cver=1
Request Chain 696
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEKLaXcidHMB9Pk-pwCbMfY&google_cver=1&google_push=AYg5qPIjtcfSRuJDfMdPGg4xCIVHuDdfTZBa3NYpQTguhwvIv3d_2bs_UQ4bJf5JJL934txbKO6V9K9gW9DEcU7QE5oZbDvcGmU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIjtcfSRuJDfMdPGg4xCIVHuDdfTZBa3NYpQTguhwvIv3d_2bs_UQ4bJf5JJL934txbKO6V9K9gW9DEcU7QE5oZbDvcGmU
Request Chain 697
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 698
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBtXz9J7PULUwgc-A4Vw51k&google_cver=1&google_push=AYg5qPIZTQVyTlqcZeDpnfbPIW549TnyEkGBjl2JKAXPwaeEZV_NN3iOV3iQHbE2FsZfCfQ1NP1WJDoL0-M0xLKmipn1MXs5OQ8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBtXz9J7PULUwgc-A4Vw51k&google_push=AYg5qPIZTQVyTlqcZeDpnfbPIW549TnyEkGBjl2JKAXPwaeEZV_NN3iOV3iQHbE2FsZfCfQ1NP1WJDoL0-M0xLKmipn1MXs5OQ8
Request Chain 700
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI1GK4-iuMdVs8KydNMyqLs&google_cver=1&google_push=AYg5qPIpFxwR_I_gqu_7arZY6rFA1pQw4AXaT-DKsHMxKl_3t_30r2aCBG2HI83IghPgq1pI9JBoh4ni1iKCbzoWoE_lBHDg2ZiF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=COFQC1wbRqqf0UwquMUlwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpFxwR_I_gqu_7arZY6rFA1pQw4AXaT-DKsHMxKl_3t_30r2aCBG2HI83IghPgq1pI9JBoh4ni1iKCbzoWoE_lBHDg2ZiF
Request Chain 724
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Request Chain 729
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197673X117663V1225131106MSoneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth
Request Chain 733
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Request Chain 738
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197675X117663V1225131106MSoneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush

771 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.staradvertiser.com/
Redirect Chain
  • http://www.staradvertiser.com/
  • https://www.staradvertiser.com/
364 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
cb1650360441fa7498a4a668b992636eeacb97b83be18fa20ec2b1ae27871f6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 16 Apr 2022 21:42:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-json>; rel="https://github.com/WP-API/WP-API"
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 59
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 16 Apr 2022 21:42:33 GMT
Keep-Alive
timeout=20
Location
https://www.staradvertiser.com/
Server
nginx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ 		243 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15d8c620c462a0ca4ebed3dd15aad7d65aefb6f69e026d4751e777552eed042f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
TZjTIRSnU.ALVJRbloQubE6bk_pn33Xw
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
2816
etag
W/"d3d381c1b51c7f5f530ab845cd767057"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Sat, 16 Apr 2022 20:55:38 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Cdl8FiLYJ-aNkXLceP_zt8bpOzBr4f67NsOptyPiVzOl4qcYjULhHQ==
pubcid.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Fri, 13 Nov 2020 19:41:56 GMT
server
nginx
etag
W/"5faee184-e358"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
30989214
cdn-cachedat
2021-04-23 07:18:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3dc67c43f5f695f65a3234d8a4ac94d0
cf-ray
6fd017713e532373-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sat, 16 Apr 2022 21:42:34 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24540545
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZZ64YVJCFT66N5R4
x-amz-id-2
uBHCTQzbqFE5aENWsxzmRCUY5pFwL1R+9FN07yIfTPXJRnC9EVLXBnDKVVwZMDMTt/9lqmA+/7k=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Yuilndi5BVChsNlKq2GuPd2Nb04jL9OjhdUw3BQxR%2Fr9T0OcTRhBgdi9K9DBkEbdIPoHztnEa8FaGNulc17N1IrppiHHwE7K1WHgTJQmqIn9tM3aJxH8xmYMcWaqtYzbivGxYeWjMeJkja1Sjc1bYGR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6fd0177118d9e8fb-MXP
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 17:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 17:08:26 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 20:44:08 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 00:18:19 GMT
server
nginx
age
3505
etag
W/"625616cb-595b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7OzlSXPDiZ70zOPhA5ppG93_jl9gZm_J6nMvGtvb7Ehr_Q20ZgRHCg==
expires
Sat, 16 Apr 2022 22:44:08 GMT
ZoPFXSjg.js
content.jwplatform.com/libraries/ 		127 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/ZoPFXSjg.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:e200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
460c11c62d12a25d5a0c6d967bb71d2177cff4a9a8024540db39a1782b1fb829

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:40:08 GMT
content-encoding
gzip
server
openresty
age
146
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
TXL50-P3
content-length
44409
via
1.1 1bccf6a872dd296ef2ffc6656debd1f0.cloudfront.net (CloudFront)
x-amz-cf-id
xJGDXmnJ2w04oR6x5HY4IZ3pRIqsefXKETBz7NgDdubpGdkRL3bvRQ==
expires
Sat, 16 Apr 2022 21:42:38 GMT
hsa-jwplayer.cmd-hsa-minified.1601588720.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hsa-jwplayer.cmd-hsa-minified.1601588720.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 21:45:24 GMT
server
nginx
etag
W/"5f764df4-2eb2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
load.js
s.ntv.io/serve/ 		394 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:35 GMT
Content-Encoding
gzip
x-amz-request-id
PAQEGJY2FF24QQWZ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
DP+QHwjKgfl9ur43zyuKLY9iNh+2xIn9Wdi6z00oyNeMStTbMxV3iITQ61xPp0nWUm5IlV2ne7k=
Last-Modified
Tue, 12 Apr 2022 15:30:17 GMT
Server
AmazonS3
ETag
"aa068ae425ad39385b7557af7408b5ba"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
usprivacy-string.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/usprivacy-string.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-4e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-1158"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi_call.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi_call.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-899"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
polyfill.min.js
polyfill.io/v2/ 		222 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 20:51:27 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/100.0.0
server-timing
cache-lax10659, PASS, fastly;desc="Edge time";dur=15
accept-ranges
bytes
content-length
126
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51ee895958f8cdaf9c972b1cbaa12dfd82c718d1d49ff0d67aa33b16a9b1d252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:28:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:34 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.js
www.staradvertiser.com/wp-content/plugins/hsa-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-logo-white-small.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-19dc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6620
longs-drugs-logo-v2.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/longs-drugs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
"60c805fa-914"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2324
sa-logo-large.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-large.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-4056"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16470
rainy.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/rainy.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4142472f067309c66c13203d1c9f47d60a7d91753f58c38c92fb5f082ee24fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-63f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1599
getprima.php
staradvertiser-hi.newsmemory.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser-hi.newsmemory.com/getprima.php
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.214.32.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-32-184.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ef337d2e2e8fc907c4186a1c6a25aeb62d78a59060bdfb7638b5ea07f5c4b4fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:35 GMT
Cache-Control
max-age=900,s-maxage=900
Expires
Sat, 16 Apr 2022 21:57:35 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
image/png
big-q-logo.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/big-q-logo.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-2806"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10246
SA-LocalBusinessGuide-982x300.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-982x300.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.87.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Last-Modified
Thu, 16 Jul 2020 21:43:25 GMT
Server
AmazonS3
x-amz-request-id
RZRDTC0YXN235AS8
ETag
"1b3f2c17628b6f0face0aba72b58a731"
Content-Type
image/gif
x-amz-version-id
N.oxyDEQv3OEdP44ADgABZ71w4.UpJZ_
Accept-Ranges
bytes
Content-Length
275925
x-amz-id-2
dQvFJGZ4LVWUByBPyqC6szkesFDyQ7sTpzvEVCamNY/m8jt5vGY8MD9FHoHwLXDo5dmk5MsTMh8=
fv-play-btn-1.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/fv-play-btn-1.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-d24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3364
loader-sa.gif
sa-media.s3.amazonaws.com/images/redesign/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/images/redesign/loader-sa.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.87.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Last-Modified
Thu, 09 Jan 2020 19:44:41 GMT
Server
AmazonS3
x-amz-request-id
RZR3VC0AV8Z6JWGB
ETag
"5482571331280690fa02f6d418610e2f"
x-amz-version-id
GPY34XsOEB_u0Uf8iwc7gZbkwoeYJPhF
Cache-Control
31556952
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
16428
x-amz-id-2
vXv2GnNcA7SOPKOo7clwj6DjdCjlfHivGGqPy2Ig8WAOPqlCj3Ai+sYBNj2XFwAhXFv3MOGAxOc=
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 06:20:44 GMT
age
55311
x-guploader-uploadid
ADPycdti_08UnfSbakwrBjjWFhvIOnQL95FTtw4CiU77FBDl_1hD5n5o4N-deta65P25FKIVEEZ8mc0lumMpYaggMJjBESM_MEOM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
last-modified
Mon, 19 Oct 2020 18:40:43 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation
1603132843078573
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 17 Apr 2022 06:20:44 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BB8) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
355246
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (mil/6BB8)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8132f2f5-501e-00c0-659f-4e0033000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/client/impression/ 		0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=493840&referer=https://www.staradvertiser.com/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryucEdcSQ6iZB3BB3b%2FDLObk27ufSqz2UbGnOZXsecbIgwc4JsQuiTtODNMbfGtVS4hng4zkQfIUjgi7Si6KsmzZWgMkwqLf8jiMw9Y25ab5vzWcqMc1%2BRs5gINilmIVaQs4S%2BBGJLCCJYmZqcm4qtm7Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017752b6e59bf-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dSijIrOthmwDG8zS
gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
widgets.recruitology.com/scripts/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa6638fd6b14135367c46826b3dfea605fa7da5cca33ad8c2429456508826bc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:29 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:16:48 GMT
server
AmazonS3
age
6
etag
W/"8ce79a3beb278ff74c068a562ca479e7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
opRsypNVMA77XTj6ErPK_TKRwQhST6O69X_f_9aM_4HcDxyO2n8_ZQ==
expires
Sat, 16 Apr 2022 21:33:27 GMT
Oyster-180x180.jpg
dining.staradvertiser.com/wp-content/uploads/2022/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dining.staradvertiser.com/wp-content/uploads/2022/04/Oyster-180x180.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6794713d596111269c8f8fe73a576727472a68a4db0fdee82db66e8af995a96d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 11 Apr 2022 20:13:56 GMT
server
nginx
etag
"62548c04-3e62"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15970
IMG_4931-150x150.jpg
hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/04/IMG_4931-150x150.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
49873f65401798fbd7a889c24036467ccd8669c32ff1eb5ac40458277de622b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 11 Apr 2022 21:40:59 GMT
server
nginx
etag
"6254a06b-2298"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8856
YoungatHeart-032522-300x244.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/YoungatHeart-032522-300x244.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
419e764f9ea4545af6ff436304d2b73f965e7d5883cade5ee3519d0e8d64fc25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 04 Apr 2022 18:18:03 GMT
server
nginx
etag
"624b365b-524f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21071
2022-HHRS-242x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/03/2022-HHRS-242x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a20b0a28acbaafc252c351568cea2945799c82eda5e954787a5b39d7dbdd4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Tue, 29 Mar 2022 01:48:05 GMT
server
nginx
etag
"62426555-4be0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19424
SA-LocalBusinessGuide-RightRail.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-RightRail.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.87.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Last-Modified
Fri, 17 Jul 2020 01:10:19 GMT
Server
AmazonS3
x-amz-request-id
RZREDXZXH0AJTG07
ETag
"4de67d2a7b83c7aa57c53c16e04f45fe"
Content-Type
image/gif
x-amz-version-id
6IbaSWxCO7LzRPA4INzeWwcVLvh1Iht9
Accept-Ranges
bytes
Content-Length
33694
x-amz-id-2
vCZyefV2Sz/Tsf8jyuEr2GCHS/P7WlEGw6ZtU2PPEwBP/g8EwxnRhpo/z+FhcTlLWi1sl07FQtg=
20220415_WEB_-April-21-1988-HA-front-page.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/20220415_WEB_-April-21-1988-HA-front-page.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f2c6bbb2c6ab4b0501c65ac2118b8de1d5ba43d3fdfdcbeeed99e6a5a12f780

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 02:28:05 GMT
server
nginx
etag
"625a29b5-1cb20"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
117536
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed3a0b2b95507edaf7bfa6652d0e441c1ad5e9625836fd897f13c3c439525839
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 16 Apr 2022 21:42:34 GMT
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.js
www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 07:01:13 GMT
server
nginx
etag
W/"60fa6939-3583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
functions.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
server
nginx
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
underscore.min.js
www.staradvertiser.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
etag
W/"60aff3ff-4a84"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
facets.min.js
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
www.staradvertiser.com/wp-includes/js/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		87 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290827
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EcS%2F5p%2FeF%2FVt1Jy%2FzcBFPrNgUwIAm6djENfw6unzDr9W7hQsB5OC0YTjSmo47VZCtWo%2FSrFhO5Maq%2BY7Y5iSwO3CHtN9TYjqSxUXW5F3WGTH5wPjZYMEe749udpfTTJXGtY7bqYeavcGpJwpvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6fd017749ede01e3-ZRH
popper.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3287651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crlj7XFlE7DdTZNYpwGSF97zAnIGKPvCIzRfnmXTdgWApIhok6ZM4Nq6VaaXQWxMMc7wvPJQnQCrQStnsOki0mf6pNr2wuhSgzucyY7vBGAaHQ1yB8IErwFK%2Bf3T210vWxenNyGpdg4T2aRJVUwcOvqk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd017749daf01fc-ZRH
expires
Thu, 06 Apr 2023 21:42:34 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7432008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH1RxryiSMhSVNw1AsfB0r2Zajy4L88SG67mzn5zM0lZgX6vURDoU3wEzWfxW8%2Fu8w7p3b3%2BS3KAsyx0soxhdj%2BX8q%2BKIQJJJi3jnxQP%2BuRz6GPY%2B5mDYnO31%2F5UC0Z65P2YtdFt%2FfssSxqJ4%2FiKE4Ss"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd017749db201fc-ZRH
expires
Thu, 06 Apr 2023 21:42:34 GMT
hawaiian-text.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		915 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hawaiian-text.js?v3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-393"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom-author.cmd-hsa-minified.1642203097.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/custom-author.cmd-hsa-minified.1642203097.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
33c002e144d2f01a2b5ed89a40dca710f0ac4d04fe7e3ca0ccfedf93e4adbb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 23:31:42 GMT
server
nginx
etag
W/"61e207de-29cf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160074/3146// 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160074/3146//pwt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:22:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"11c1a63-2a268-5cd3b5de565d2"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=136011
accept-ranges
bytes
content-type
text/javascript
content-length
55348
expires
Mon, 18 Apr 2022 11:29:26 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
776
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FC6XHPBM8Y2Q084422A
date
Sat, 16 Apr 2022 21:29:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
LKns_8vnXdnyMKwSoGB-zU9zvNX1RtE_m9Cmj7nQeBr0bQx5ii_edQ==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e01c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:34 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5124
date
Sat, 16 Apr 2022 20:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 16 Apr 2022 22:17:11 GMT
aam.js
aamcftag.aamsitecertifier.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5000:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 03:43:16 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 19:46:45 GMT
server
AmazonS3
age
64760
etag
"d01602293dda6546ca8f8ededd0e44e8"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
25648
x-amz-cf-id
tTmlL44pdTCobKFYBjxTWYvz9FbvAgh9e0f5rbHX926UgLB019Bfug==
x-amz-meta-s3b-last-modified
20210201T194158Z
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-20.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922f3471c635c696de732da18714c1f54e6def0d1c6c8179adb3c5993e3f8695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
1xYqzFgpw9raszvV1Uy.A0dqKqOvYgkk
Content-Encoding
br
Vary
Accept-Encoding
Last-Modified
Tue, 12 Apr 2022 14:46:10 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P1
ETag
W/"08625d65200494d57f6ddcf1419e4cba"
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
Via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Date
Sat, 16 Apr 2022 21:42:36 GMT
Connection
keep-alive
X-Amz-Cf-Id
-2yzwtQRM5P-3jF8GpPbxkJJKXzexHLseEr3Ns2Fk7mpBA-tyKaH2Q==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 04:54:44 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
68349
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
m53cUjo4JYkXhtGBU0RQLOPaWMWb7_sAJ0ERoV4pLk44mD9ersLFGg==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
i+rq8u6xvlB9+DDC90TMvz0Vfkcn3O2jqIXteL/1Z9vZ88Vh+GwoKZDklyg3MEmhAJREaA71Oe4wkrbMKY50yQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 16 Apr 2022 21:42:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607621318571f4c48784c196784133fb7ea6db9c1ad3fb28deac95d17d91883f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28546
x-xss-protection
0
server
sffe
etag
"1189 / 925 of 1000 / last-modified: 1650060417"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Apr 2022 21:42:35 GMT
prebid4.15.0.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/prebid4.15.0.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 02:08:00 GMT
server
nginx
etag
W/"602b2900-3117a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bg-ad-black.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad-black.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-40b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1035
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23795040
cf-ray
6fd017748d42e8fb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
TjXvTfVzpYOOUJwv3md20GbFaa9eAymxuOBM/MLU/sj29aZydPTzzLk3niDZCNDzs7qbdrojMWo=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbpqqtDocV7UPuIX6SWdSWUw6hWSh56YIuarP4fHn8sxZP11nkRJnTBZlQmKtj86U9gjMYLmvtmB8hyDuPAMVHRqB66tILsHHKjWaWuTBLMBya3HiUv4O55u3ebK6fIJcVBFKJRkM7nqksk6PJEQD0Lx"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
BFKR9WQ0CGVG2VYH
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
bg-ad.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-3ac5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15045
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f

Request headers

Referer
https://use.typekit.net/wsl8gsu.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34860
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11641910
cf-ray
6fd017751f4a839c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12216
x-amz-id-2
sYRWODIhhHl0ZXqtAD+7kXl/BbJU4CR/Q8T5Gygt5SDrolFvT23qtGpNx0KNIJ2fXu3j1tUYh7A=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzprLhnKi0YTxAhK1%2FMiLzugqLCMZK0ZDXKgB09TAEZluWHje%2F9nqulAvovbjijieo0cZzxh6FT39jw2DOzWNF%2B0JoASIWDOEH4tb1GDq82hSai7WfnnhPtPwGAB71cfmqpLftcKnDjYx7uqW92gOiR%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HMGHCVK8K9SZWF
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
web1_Campbell-HS-water-polo-02.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_Campbell-HS-water-polo-02.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
06d2a3dbfcefdb9d4a7b9bc3db0dc8114ea3466bb9ba8b77376b44704b358494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 08:03:12 GMT
server
nginx
etag
"625a7840-1464a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
83530
web1_20220416_b1_MUGkahele-300x184.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220416_b1_MUGkahele-300x184.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
97ac8fa78bfe04aeaddccc6de559b0d914f1d79600a262b2c0a80e82265b8b5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 08:07:13 GMT
server
nginx
etag
"625a7931-1ea2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7842
web1_20220416-Edith-300x189.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220416-Edith-300x189.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a539dd9b2a5bf0164ca4af0ff06491912edfd76c3c41681fc61da6c45283c5c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 08:36:41 GMT
server
nginx
etag
"625a8019-21e6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8678
web1_278392495_349573907205396_5873049380390183605_n-300x214.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_278392495_349573907205396_5873049380390183605_n-300x214.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
503fd176219571ce3065115441d7eda150638a70ccf4a510c64588a207ee2279

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 08:05:13 GMT
server
nginx
etag
"625a78b9-318f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12687
web1_20210515-14-300x225.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20210515-14-300x225.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
357ddd40fc3953bcbacdd5c891db4724daaf159e9a0d57b63e140cc6fc920160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 08:40:46 GMT
server
nginx
etag
"625a810e-337e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13182
web1_Hyo-Joo-Kim-18th--300x210.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_Hyo-Joo-Kim-18th--300x210.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8c1d45253ad5a881d43a70abc42d9937084c0ed13ba962ed63da4b255c78e316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 09:35:34 GMT
server
nginx
etag
"625a8de6-1913"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6419
web1_SPT-UHCSUN-027-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_SPT-UHCSUN-027-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
541cc61733a38965defcc7ebc4255b9523685535b9986c9342de55fb7754025b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 09:45:44 GMT
server
nginx
etag
"625a9048-2f40"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12096
web1_brianna-do--300x222.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_brianna-do--300x222.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d55df5fc0e03548dff792836d8efebc013f67a664991951bf7a6d45b28036786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 09:37:05 GMT
server
nginx
etag
"625a8e41-1eb5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7861
web1_SPT-uhbsb-7638-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_SPT-uhbsb-7638-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f101acf539b2a1972b876080ed8642b8f57bf9f83fca48e6621474df1a7374f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 09:44:14 GMT
server
nginx
etag
"625a8fee-3944"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14660
web1_20220416-web-flood-300x185.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220416-web-flood-300x185.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e9e466cca00436a8a6243c7c991fa4bf1522345b51e477b76a2146ccbe6aceb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 18:43:37 GMT
server
nginx
etag
"625b0e59-2d95"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11669
web1_ca94527594e7a40ef10e6a7067008773-1280x720-300x169.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_ca94527594e7a40ef10e6a7067008773-1280x720-300x169.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb5c5f99f61d82d72699f9c6585bdd11d608376529f2b7eb24bc8e8a77121b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 03:21:37 GMT
server
nginx
etag
"625a3641-1db6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7606
web1_12438521-33889a1ea3964aeeb316ffe4bfaa9bed-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12438521-33889a1ea3964aeeb316ffe4bfaa9bed-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
796d881d16a8d12aa32e951fd668a3a38eee975907d801a9c0fac75cf1febc10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 06:05:30 GMT
server
nginx
etag
"625a5caa-25be"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
9662
web1_20220416-web-south-carolina-pd-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220416-web-south-carolina-pd-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1e71f36640e275fc5241971fbd6db225d5fc81f60bdac11335335f7385173b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 19:38:24 GMT
server
nginx
etag
"625b1b30-28d8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10456
web1_12439164-43e51ee930ad425dacf58372b5dcf933-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12439164-43e51ee930ad425dacf58372b5dcf933-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2460d1c659188d930048130b5f4801a3502602ce91ec005a44514a6cc4b5f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 11:00:02 GMT
server
nginx
etag
"625aa1b2-1ff7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8183
web1_20220415-honeycreeper-300x189.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220415-honeycreeper-300x189.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
852c18a952e82ecf45bc9dcf2e595982ce80fe09641518f2a1e574835279bfd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 07:45:08 GMT
server
nginx
etag
"625a7404-1ddc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7644
web1_20220416-web-druid-hills-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220416-web-druid-hills-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5f947955bcf86317234aa605c441e78749019b4c1d7c9ae402a81381462fcaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 20:25:30 GMT
server
nginx
etag
"625b263a-4140"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16704
web1_12439301-65b4eced919746d5807ab2220f438361-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12439301-65b4eced919746d5807ab2220f438361-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
86e1c71210a431c4da26faf351b0bf924895d627aebaa68da0e096ba6df2fbb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 20:09:49 GMT
server
nginx
etag
"625b228d-2eec"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12012
web1_12439315-ea5f4f9b639c4dd1bd43f01d80db8324-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12439315-ea5f4f9b639c4dd1bd43f01d80db8324-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
41169f49898863a390828b2c3d121568952aac2bf27bf12af27012538ef13f45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 20:16:23 GMT
server
nginx
etag
"625b2417-289a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10394
web1_12439355-7b0a2962d5f24c629912c5728a755cf3-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12439355-7b0a2962d5f24c629912c5728a755cf3-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4a8ee5d885e23ad8dadb3703e5ca5be5c893fa06507b7d2a3ccca007af070d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 16 Apr 2022 20:49:22 GMT
server
nginx
etag
"625b2bd2-33bf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13247
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		167 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=staradvertiser.com&domain=staradvertiser.com&path=%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-mxp6948-MXP
access-control-allow-origin
*
x-timer
S1650145355.163291,VS0,VE103
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Thu, 14 Apr 2022 21:42:35 GMT
loader-sa.jpg
www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/loader-sa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-6cb8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27832
t
jadserve.postrelease.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.staradvertiser.com%2F&ntv_mvi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.116.163 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-116-163.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
107e43171fa586f75487c945e508a60a851cba9528990a11c9c4174009b83ac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1015
expires
Mon, 1 Jan 1990 12:00:00 GMT
videoseries
www.youtube.com/embed/ Frame AE9B 		211 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6ae3f006999b1d146337f1c75859d0a40399f09eda1c260f7d47930c3b4dc04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 16 Apr 2022 21:42:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.24.6/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.6/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfa7a03558006522a62cff68598a23b5df942a302f5d562ea8a1757465314e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
age
333
x-cache
HIT
content-length
18774
via
1.1 varnish
x-served-by
cache-mxp6971-MXP
last-modified
Mon, 28 Mar 2022 21:14:41 GMT
server
AmazonS3
x-timer
S1650145355.253534,VS0,VE0
etag
"b1a6104dbbfab0c05f4ced56046c3bd9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
384
gapro.js
ssl.p.jwpcdn.com/player/v/8.24.6/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.6/gapro.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9fbeaf40d2ffc26488be92110e35c3714a07273c7bc4d79f54c22017254991a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
age
1582855
x-cache
HIT
content-length
958
via
1.1 varnish
x-served-by
cache-mxp6971-MXP
last-modified
Mon, 28 Mar 2022 21:14:33 GMT
server
AmazonS3
x-timer
S1650145355.253677,VS0,VE0
etag
"35531725579fe3b0c3fb3ad5114de74b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
193244
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.24.6/ 		308 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.6/jwplayer.core.controls.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cfcd364b527a8c6adbdca911f3499783a6db73e10c5b7c44d414add1b889289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
age
1583010
x-cache
HIT
content-length
81785
via
1.1 varnish
x-served-by
cache-mxp6971-MXP
last-modified
Mon, 28 Mar 2022 21:14:28 GMT
server
AmazonS3
x-timer
S1650145355.253797,VS0,VE0
etag
"d1d9a09a03d2219d5bcc63cb34ab3cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
766357
025uSCQm
cdn.jwplayer.com/v2/playlists/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/025uSCQm
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f2eeb0239e68e7302025b6809245ea71b113f928706809579ad4ccf2dc75a2a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
1701
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-id
ixEz96Immo70-GWjz29FKzTP4VtjjjwKGOMKSwyVQXke5_FUEgs-pg==
expires
Sat, 16 Apr 2022 21:45:35
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 03:40:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
64935
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
vbX-40SBkEP3Vu482mir4nbV_HTqIFMC7ueKG5bpkge5jvqhLaK1Hg==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Apr 2022 21:42:35 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1521
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=_5VYunxCdFdpcWFxbkpic3BvaU13elhBMGp1UkV6TlZWY3VqSDN3NnovREJGVmlLQUZEa2w2MWRGTW1FZzFvZFlXYzR6ODBINklkcFZ3WVhDRktSSldQSXRnVURBMW1hc1BMTndHU2R1SXd6ZGt6d0YrMkNLeHJKcUJMc2...
347 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_5VYunxCdFdpcWFxbkpic3BvaU13elhBMGp1UkV6TlZWY3VqSDN3NnovREJGVmlLQUZEa2w2MWRGTW1FZzFvZFlXYzR6ODBINklkcFZ3WVhDRktSSldQSXRnVURBMW1hc1BMTndHU2R1SXd6ZGt6d0YrMkNLeHJKcUJMc2xLblIyUStKNm5lS3gvWWQ2NzBkWkQ0bU5YSkFOMmlOVXFaejVFbjVFMmpiWmpYV2U3UVlwbUV3dVhEaE85TFpWeFd5OFNLclVqUGl1TmgzUytPZ2p2UEx3MFdES1dqWVVsQlBMYjVCK1pCeTlINE4wVE1mMVZYemxLVUZtSXpDd08xaVRXaG9lfA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a479479c821792cb373e425a42071bca2119fcb108a8bdc23718b24a4ebb6f4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2007
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:34 GMT
location
https://mug.criteo.com/sid?cpp=_5VYunxCdFdpcWFxbkpic3BvaU13elhBMGp1UkV6TlZWY3VqSDN3NnovREJGVmlLQUZEa2w2MWRGTW1FZzFvZFlXYzR6ODBINklkcFZ3WVhDRktSSldQSXRnVURBMW1hc1BMTndHU2R1SXd6ZGt6d0YrMkNLeHJKcUJMc2xLblIyUStKNm5lS3gvWWQ2NzBkWkQ0bU5YSkFOMmlOVXFaejVFbjVFMmpiWmpYV2U3UVlwbUV3dVhEaE85TFpWeFd5OFNLclVqUGl1TmgzUytPZ2p2UEx3MFdES1dqWVVsQlBMYjVCK1pCeTlINE4wVE1mMVZYemxLVUZtSXpDd08xaVRXaG9lfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1609
content-length
509
expires
0
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3883011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVyjtrrG6KvRD2ZFqyJPeF89%2FbN8%2BXPnl6FXNYMVWkBmLPt6%2BZ3Ri2whqA0dBgE77PMQsNHtwT12xJOe5rTAscOQmaRdlMPHzMaU4b%2BsA%2FgKFOSPhJrO4W3eg6HYkugPmUdglX3GvQD86XDwWHiJmlt9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd01776880301f8-ZRH
expires
Thu, 06 Apr 2023 21:42:35 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1433776692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1271646023&gjid=1140813242&cid=2089291300.1650145357&tid=UA-16272709-1&_gid=865691768.1650145357&_r=1&_slc=1&z=219421736
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22040048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR6m6ZMJeaQo5JxS3jTzBEMYFhMC3HJ0631kpvrjRRng%2BsSHRON2HFkWyRDMDWBhpU8xpTrSGnX3qLZHFZhsxTep1OtRTg4vDLvHmHxAhJAhLl3f%2FuU%2FWk69c%2B77oUqXxblHgDwgFhwyWmqnq4HffMRS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd01776cbe70219-ZRH
expires
Thu, 06 Apr 2023 21:42:35 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:29:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:35 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		809 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
age
5
etag
"94c4aff69d9031d7ac28ab2f706d8ff0"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
809
x-amz-cf-id
Zl9MZ21wgxgczkOP90hj72XN5Ug52TLNQg10wmus6BYny3cISp-G7Q==
auto-complete.min.js
widgets.recruitology.com/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/auto-complete.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
age
5
etag
W/"0731475e6a55c38b7ff6cd23c98c121f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
D4vEXXFFBaKBKMA4-jH9Fh_jShosACNvTxI0fZDEJmSEjcxjAqqq-A==
fa-briefcase.png
recruitology-static.s3.amazonaws.com/static/images/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-briefcase.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.87.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
RZRBW3HMJ7VVTQXE
ETag
"6b0ea0515ba755249bf5d4a22b41805e"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
835
x-amz-id-2
/tGEuTi17ysgsSA9xA9ozjEkM4nFdK0HRvIN5e7fN2bYvL5lM3uEackXwn57ozkdYw5SdB0OSSQ=
fa-location-arrow.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-location-arrow.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.87.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
RZR5JNWTZZFR3PNJ
ETag
"afb85cfd6600a866bb3ab634a12b73ca"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1152
x-amz-id-2
HKxrd77RmK9vdDFk3xHZmR9hl1tfa+VhrEp2almZr4EKHzn9XLMNemGRu9JpI+qy/68YV4SRijI=
fa-search.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-search.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.87.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:53 GMT
Server
AmazonS3
x-amz-request-id
RZR1PC1AHQT1QXK5
ETag
"1a48a4475bcc37e8866403c27000c83d"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1212
x-amz-id-2
AJWjA3zF7Yr9kAxJ1BOcX4QHCj21QsFKSKsNKd0W67KYb48TfHkgpRl2yDczA2TdTHBxIHrRcR0=
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&ns__t=1650145356943&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1650145356943&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1650145356943&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
nf0rL3djSghVwm0SNuc1oTV9KGrv5Eib7fZgXYqALXl8szNAp9LotA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035032&ns__t=1650145356943&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
date
Sat, 16 Apr 2022 21:42:35 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
rj93zqkoO27orsSjipov68db12q-zaPxuXO6a-SFTH7l6Jxb_y6eUw==
x-cache
Miss from cloudfront
email-signup-bg2.gif
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/email-signup-bg2.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Sat, 12 Oct 2019 02:20:59 GMT
server
nginx
etag
"5da1388b-4158"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16728
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1650145357004&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=206&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=25ef1cab-76ff-48f0-8a37-b8152668a9ed&dtm=1650145356995&vp=1600x1200&ds=1600x10211&vid=1&sid=843c8dfb-cc13-4755-a25b-06e542483e50&duid=aa87004a-e197-4ea0-b644-2ce79374ce52&fp=1726791418&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjIwODkyOTEzMDAuMTY1MDE0NTM1NyJ9fV19
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.84.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-84-193.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:37 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
widgetinfo
p.cityspark.com/api/widgets/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9865&callback=jsonp1650145680539
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c31cd4ce31ecb87cb9c7d59a5c65985870ec36446b9b433dd8b1c1ee4efd9b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:53:15 GMT
309252323293891
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/309252323293891?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
504a6d83076b4ab86e5b24c472ebec946c46ea1f4b5575a314d7b46d404f0af3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
uCFn6eowtL2EGxcVPoXaJnqDct+/IIS/gH20zuoFUtWKODcFErLTlWLgi35aebzI5RztB8lV1ofuSPkENKQVEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 16 Apr 2022 21:42:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 17:46:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		444 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0d7833196894b879b5e83c479db940de5f0633ec37b73e6bc075773ecdd3d3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
expires
Sat, 16 Apr 2022 21:42:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
341825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 22:45:30 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11641909
cf-ray
6fd01777ad9d839c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
xC/1mx9DxtPvMerjqvZJL+Nt9uWTfQXfTcXmZUbURkhmJjWgUrf+Rr6Fn3XR4W5sQEx1sT8RNh8=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEMynI2%2FOP0nBo7XKgzB6YFeoy%2FgAGXWpAfnZNJ43rAEL1jqMRzpyQKNtfySPN%2F%2FRaTpVf1h06n9zPbbDL5%2BtcLJE3YO%2FGTYEE5DcHAubo85zj1fYI4%2FYjS58FXGVV85bsxjZx8X6yhg6EmpTiuLgbBN"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HWVVWSE0XTHD52
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
ml.br.js
js.matheranalytics.com/static/ltm/ma15446/988352900/1/
Redirect Chain
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1592
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
142 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e51ee69dd9c30198ed79a8b728c45a6a964c1e6f57fe515afc58e295b878390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 03:09:48 GMT
via
1.1 google
last-modified
Tue, 01 Mar 2022 04:25:58 GMT
server
nginx
age
66767
etag
"9694bea72a8364646b1ceb32b06dd951"
vary
Accept-Encoding
x-cache
HIT Tue, 08 Mar 2022 00:31:00 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
clear
content-length
42335

Redirect headers

date
Sat, 16 Apr 2022 21:42:35 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
4-gc-euw1-10920
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bcb8040a38eb5f6cfc9b625c2b0f2045e4636b5c1f8ba39ffdb4f0f2ebed6046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 20:05:15 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 00:03:51 GMT
server
nginx
age
5840
etag
W/"62561367-8e65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3HH1QZKkwxNmebFrR8snL9ZyOjDVammGBSl6a07GGCvlQTbdVy0moA==
expires
Sat, 16 Apr 2022 22:05:15 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-12.fra53.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 20:55:56 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
2851
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4240
x-amz-cf-id
NaiPiOSsQ4BXhBn6HZAcgk-vI5_t6RKC8sHNd8QGLObWMs50SF2hLQ==
expires
Sat, 16 Apr 2022 21:55:04 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
0c269a4b6f25843c02270e1f1661fe75b85ddeb2f84c4b85b0e16dae174acc05
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:13:32 GMT
content-encoding
br
etag
W/"aea7348e94b4847fb311c2909a3242d7"
last-modified
Sat, 16 Apr 2022 21:13:32 UTC
server
nginx/1.20.0
age
1743
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
aaIuj5PMCe9l-MNvo_Pk52A5zvIGiWbwZSFiW4lijcrosVzQjf2ehA==
x-xss-protection
0
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49030
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
gy2hNZv5xdbGafSkDCzbo8b0reFSkT72i5zh2bqGRvVeqDN5zLKjgA==
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16272709-1&cid=2089291300.1650145357&jid=1271646023&gjid=1140813242&_gid=865691768.1650145357&_u=IEBAAEAAAAAAAC~&z=241310221
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 16 Apr 2022 21:42:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/fae06c11/ Frame AE9B 		346 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fae06c11/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58673cd08a66c704c471054d9eafe0f32288dfd8baa0f3b0ca968aed77b0f016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
102378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47446
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:15:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Apr 2023 17:16:17 GMT
www-embed-player.js
www.youtube.com/s/player/fae06c11/www-embed-player.vflset/ Frame AE9B 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d725677bd5195e0d548c51683dc017e117c4c396f6cecd329c079d80a8734d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87880
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:15:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 16 Apr 2023 18:03:05 GMT
base.js
www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/ Frame AE9B 		2 MB
524 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a530176df4dcd814157997ed1a82d6e645043a4dab571034cf5600b4ddccdd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 15:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
194301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
536931
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:15:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Apr 2023 15:44:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/fae06c11/fetch-polyfill.vflset/ Frame AE9B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fae06c11/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:16:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
12339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:15:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 16 Apr 2023 18:16:56 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.24.6/ 		410 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.6/provider.hlsjs.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cca9f6b040a38d600fa5515876e9cc2185da96ba16e2a7d15ce7eaa59b16cce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
gzip
age
1583006
x-cache
HIT
content-length
116219
via
1.1 varnish
x-served-by
cache-mxp6971-MXP
last-modified
Mon, 28 Mar 2022 21:14:31 GMT
server
AmazonS3
x-timer
S1650145356.562910,VS0,VE0
etag
"c9ab10242843c0b912a37b5a0605d1fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
632047
hqdefault.jpg
i.ytimg.com/vi/Svt3ekV_LRs/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/Svt3ekV_LRs/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f021ff3fde1c3d423b9c5c13ede530bfad5ce884a4e27684df50942fc28132b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30661
x-xss-protection
0
server
sffe
etag
"1650065410"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Apr 2022 21:47:35 GMT
hqdefault.jpg
i.ytimg.com/vi/04kc4wSrOOw/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/04kc4wSrOOw/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26e859295e244acf647c63cc31a0eed7527f062a3cda5b1973e5e275d1f71dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33716
x-xss-protection
0
server
sffe
etag
"1650009999"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Apr 2022 21:47:35 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
30989215
cdn-cachedat
2021-04-23 07:18:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3dc67c43f5f695f65a3234d8a4ac94d0
cf-ray
6fd01778ad0acc5a-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sat, 16 Apr 2022 21:42:35 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17560398
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtSAsbNMK9IqjoWeuDW3DtQzMVe48Kp0qqI9LEVJEzhp0HVMXxfRX%2F6BBvFt0fyTAjhhv9FOliHsKOrjupSWys6ILCDRkG9PNvhuRbMn6nCbH6kq%2FotqV4gHklFk4cOgGUi5InKEX6h0F%2FoW3TALE8HV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6fd01778a83a839c-MXP
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51ee895958f8cdaf9c972b1cbaa12dfd82c718d1d49ff0d67aa33b16a9b1d252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:24:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:35 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22040048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUnhOov4bZBWyeI8dSGtigxiif2%2B8XVHA8sD0e7CzW8bKP3tmsLOhswLOWjqD7CcqCjl4TldqsPxipyjiGc7mHeW4haNdO%2F%2FLdQC4%2BBSINheqnXQw6zs07Z03Wjaq%2FPXFI5kiMv9j1H0I67IBLhtE46B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd017789a1c01f8-ZRH
expires
Thu, 06 Apr 2023 21:42:35 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:35:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:35 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
active_orders
origami.secure.ownlocal.com/api/ 		289 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=11d8bf01-4a0d-42f1-9c82-39f1b7726234
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
e137c4d36b26b9ddc8867f69979c60f1b854318c0cd21ac9ad1361410997440f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
1; mode=block
x-request-id
e5bbb379-4915-4326-b38a-ec84ea05732d
x-runtime
0.042955
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Sat, 16 Apr 2022 20:53:26 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"e137c4d36b26b9ddc8867f69979c60f1"
access-control-expose-headers
active_orders
origami.secure.ownlocal.com/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=c46cf15d-1622-4157-8f3f-18b9a61946de
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
b26cc68208ad64a9f0ab116e2114198f21611c3d70b164a03a2a8ce00fcd8c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
3115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3187
x-xss-protection
1; mode=block
x-request-id
c173eb56-cad2-41fb-be14-0cb22d56f8f6
x-runtime
0.047363
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Sat, 16 Apr 2022 20:50:40 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"b26cc68208ad64a9f0ab116e2114198f"
access-control-expose-headers
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/alerts/net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analyticssystems.net/api/v2/alerts/net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h53Q8R2M33SNHkQWjiTa0nCzcZttQe4D9YzA9ZDpqF9yj8382lOILtU4BKgwfXbrY7hXEs5cT6p9NVf4vFnl6sL3DJkXgu1v3MfhijIT1rknHwomxLS98q1rid7fb6pFP%2B0VfIgF7%2BnGT80Sx29Ty8c9zw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01778ff8d5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dUyluand7doAWOzi
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
30989215
cdn-cachedat
2021-04-23 07:18:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3dc67c43f5f695f65a3234d8a4ac94d0
cf-ray
6fd01778bd20cc5a-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sat, 16 Apr 2022 21:42:35 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17560398
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMTgetCDCLdw4Wh92jzc4LPOlgfZF9qjNE8witA%2BppvNymf8WWFTqU7aAUf88IUPc%2BO1bc%2F1aBOrHu364tvoOAuZUAvKsspD2K0m7kAqNWhL4t%2Fl3xgjC4UAiOap%2FzMfD0dwl7Ue%2FV04%2BvmFh6ZmA2Dl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6fd01778d8cf839c-MXP
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51ee895958f8cdaf9c972b1cbaa12dfd82c718d1d49ff0d67aa33b16a9b1d252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:28:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:35 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22040048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCIjLGdSVjfjfVbELdEeZ%2BOuvf7CGRHjMUGcWAdGHp6Hz1QmZC1HxOF1Nk%2BMzxTrc6e6nsPUEUf4T%2B34112vL%2BYabE14aqLv6DzBufcq057l6DT%2BzD8bIrRPfxnPi3Yz7PGltVVB%2B4t%2F1wr4xRlTI4Dv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd01778da5a01f8-ZRH
expires
Thu, 06 Apr 2023 21:42:35 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:26:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:35 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE9B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
383070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 11:18:05 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16272709-1&cid=2089291300.1650145357&jid=1271646023&_u=IEBAAEAAAAAAAC~&z=213282690
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16272709-1&cid=2089291300.1650145357&jid=1271646023&_u=IEBAAEAAAAAAAC~&z=213282690
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_5VYunxCdFdpcWFxbkpic3BvaU13elhBMGp1UkV6TlZWY3VqSDN3NnovREJGVmlLQUZEa2w2MWRGTW1FZzFvZFlXYzR6ODBINklkcFZ3WVhDRktSSldQSXRnVURBMW1hc1BMTndHU2R1SXd6ZGt6d0YrMkNLeHJKcUJMc2xLblIyUStKNm5lS3gvWWQ2NzBkWkQ0bU5YSkFOMmlOVXFaejVFbjVFMmpiWmpYV2U3UVlwbUV3dVhEaE85TFpWeFd5OFNLclVqUGl1TmgzUytPZ2p2UEx3MFdES1dqWVVsQlBMYjVCK1pCeTlINE4wVE1mMVZYemxLVUZtSXpDd08xaVRXaG9lfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Apr 2022 21:42:35 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1026
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:51:22 GMT
age
13873
x-guploader-uploadid
ADPycdtoQA4eQlgErPvmXFmakUBQuLYVB3ADv7KbmQ2_A22iiKHzbKYmLiBcLGPIfTmGeLb8RmACZ0GBjqUbZbXMN4MiPg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13753
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:38:49 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1648229928975210
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Sun, 17 Apr 2022 17:51:22 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:51:22 GMT
age
13873
x-guploader-uploadid
ADPycdtoQA4eQlgErPvmXFmakUBQuLYVB3ADv7KbmQ2_A22iiKHzbKYmLiBcLGPIfTmGeLb8RmACZ0GBjqUbZbXMN4MiPg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13753
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:38:49 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1648229928975210
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Sun, 17 Apr 2022 17:51:22 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1650145357410&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22456843294878480%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222346298978947266%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1650145357409.930323907&it=1650145357021&coo=false&exp=p1&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 16 Apr 2022 21:42:35 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=ViewContent&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1650145357412&cd[content_type]=Homepage&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650145357409.930323907&it=1650145357021&coo=false&exp=p1&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 16 Apr 2022 21:42:35 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F&u=BMqucr19yW6Cqnniv&d=staradvertiser.com&g=48334&g0=Homepage&g1=Associated%20Press&n=1&f=00001&c=0&x=0&m=0&y=11036&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2321&t=p3XA7GUc3sBE4jACCX9Hm-BFzrvq&V=131&i=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tz=0&_acct=anon&sn=1&sv=B84gnIx0mX9QqmemB7f4veCd0jw9&sd=1&im=067b2fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.121.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-121-35.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		171 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2aba27accf7f080e7ae4cd31a180c51ca7b3937d1db6096f7c640ca2dc94d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
rdMiKYp_L8WGTwjxPUZntWGha7Zk7n6t
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:46:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
etag
W/"030d3cd329b8b90cbb02afbecba0b7e6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sat, 16 Apr 2022 21:42:37 GMT
x-amz-cf-id
-NIS2RO8NCpWKyR5Ba82wlrMycoOHQl_W8ytHKnH1-yqthTil4Ppsw==
/
geoip.instiengage.com/json/ 		210 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.75.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-75-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:36 GMT
access-control-allow-credentials
true
x-database-date
Sat, 16 Apr 2022 02:42:49 GMT
content-length
210
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 29A3 		73 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
258
content-length
73
content-type
text/html
date
Sat, 16 Apr 2022 21:38:19 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-id
E7ioKi7674CtKEtWV2LD8sWw7ua7BQihT-8z4P8O9EWgFSmogHOPiA==
x-amz-cf-pop
DUS51-P2
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame 1F83 		46 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:52:15 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
13821
x-guploader-uploadid
ADPycdvuq7s9oE1APEMIvmDsDLzl5hELNWiybVeo-6G0qdz9-AW1FIX5C_lVtogqGJX_c2eytEvnMWDsErCfldRoh2wjIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46760
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"020de548baebf815e420fecd7cf5b327"
x-goog-hash
crc32c=+pua+A==, md5=Ag3lSLrr+BXkIP7NfPWzJw==
x-goog-generation
1648230637718667
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
46760
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Sun, 17 Apr 2022 17:52:15 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 1F83 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24901820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mpM7VrWiVOHYz8yYswimpaUDBjGwsrERWpMUQVdc%2BrASWycDL6yPSc%2B0BY%2FAV5o3CC1wrSEaCfuMuKyPgBE3tQKyOLOONXGFC4fDaYK2UOStEOlv9s9DpOZOIm5qkfPNShZPVAxk%2FE1KBXNNDd4J40M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd0177badfd01f8-ZRH
expires
Thu, 06 Apr 2023 21:42:36 GMT
sp.js
snowplow.ownlocal.com/ Frame 1F83 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:06 GMT
age
930
x-guploader-uploadid
ADPycdvxzN7-FS3ddwBy6Qm6vd-8RrYZY2tWyU8b7s4o-t85Y7zAh6oirmsPX_aN5ImR2zZblwYrM1GG3UvaG-TILTFZHw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Sat, 16 Apr 2022 22:27:06 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 1F83 		222 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
last-modified
Fri, 15 Apr 2022 16:13:39 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/100.0.0
server-timing
cache-mxp6974, PASS, fastly;desc="Edge time";dur=16
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 1F83 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
30646080
fly-request-id
01F48TVJD3GRMNM4Z4TNWN5D10
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fd0177bdd9501df-ZRH
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 1F83 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
30652257
fly-request-id
01F48MZ22BHHY31F4YZ9VQ3AH9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fd0177bdd9601df-ZRH
anchor
www.google.com/recaptcha/api2/ Frame 802A 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
37b3b241e9da8db2774684542b00708c1ce381dacf56a3b41ff150c76b98497a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zo/42Vo36Y6AJF6WCLhPHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21667
content-security-policy
script-src 'report-sample' 'nonce-zo/42Vo36Y6AJF6WCLhPHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=CzOSC9IOGteHY&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1443757323385-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1449255182659-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-18%22%2C%22s%22%3A%5B%22982x30%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_x15_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-33%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Top_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-79%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Bottom_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-45%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-46%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-47%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner3_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1483134122312-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Sponsor-MostRead_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-51%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-65%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444788445358-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box3_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1482886799060-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1521079920643-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top-2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444965704525-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuBox%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1445920181141-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuTile%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1465867295375-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-events_TGIF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1564775939722-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2249480143-1347-493f-83c4-bc4617614c7b%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Footer_Homepage%22%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
JYBK8PH4JE6QZFYQH866
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ed3nhr2Omca_bYvDXCi6zdiLZB7yQ81VfkKvBIHyC_MPBsgLAgkCmw==
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Apr 2022 17:53:11 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
last-modified
Sun, 10 Apr 2022 10:23:26 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 16 May 2022 21:42:36 GMT
id
googleads.g.doubleclick.net/pagead/ Frame AE9B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3eabdad7e320bac8a77e4e7cdeeb55a9f20ffe39197f3f7362f26dbcff168f89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame AE9B 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:38:11 GMT
x-content-type-options
nosniff
age
265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 21:53:11 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 1F83
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290742
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtLErYWuvlyB1PNbA%2F4OOYdQaIf%2BNsG2xjw8eoWC%2BeRRVf5guhokebaMCq069zgup2XkQHRrtSRYXMfE1aMFRoJ%2BLgCEAwAxWIqpTEw20P1UWPOjKv2OS9kVA97rQiHHR46BWm9rF%2BgJDs1rqc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6fd017801c98cc3e-ZRH

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290742
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2ByZzB9ovMe5IIZnljnWIo7PgcnGYjVDoFFdCRlbl3wIa8b5cTsxWuYuhUC8%2FBZFbGWEYEgtTZhvb0Tljr9eweiWZnBvI6T8woMiE4R5iKU%2BSHqg03GO5iF5UpsYzqylTTL2QiGpSHsMVt2ItWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
6fd0177f9c15cc3e-ZRH
inter.css
rsms.me/inter/ Frame 1F83 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id
cf73be4d6d6d031ee8e030c4d3632e54d130b542
date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-mxp6968-MXP
last-modified
Tue, 18 Jan 2022 19:57:03 GMT
server
cloudflare
x-github-request-id
FE40:E10E:297F91E:2A9EFF4:61E71BD8
x-timer
S1642535897.793733,VS0,VE95
etag
W/"61e71b8f-1966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRx%2FHiTDnUt5oGuZawal1yw76Mr%2BhFvEmCJca6cv0%2FM2ng%2FRBWgXXZQ3%2BWHNKlM5Tawwm7sa%2F1AI2iCyOjox164ZjIQ1xYEu%2F1NEGe5pOzBNcRYsP2z8wDh2SJ2ze5CPWAOptYet"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6fd0177d5de83745-MXP
x-proxy-cache
MISS
expires
Fri, 15 Apr 2022 18:04:06 GMT
css2
fonts.googleapis.com/ Frame 1F83 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fcfb4692c426d014569ccc2ce2fa4b0be34ae4b3f4e2fe387ddf70b4accc8710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:42:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:36 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3200552&ntv_pl=1102376
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.116.163 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-116-163.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:36 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1102376&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.116.163 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-116-163.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:36 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
bbSa3LzB.png
assets-jpcust.jwpsrv.com/watermarks/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/watermarks/bbSa3LzB.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
age
202
x-cache
HIT, HIT
content-length
4826
x-served-by
cache-iad-kiad7000064-IAD, cache-mxp6971-MXP
access-control-allow-origin
*
last-modified
Mon, 19 Feb 2018 23:04:18 GMT
server
nginx
x-timer
S1650145356.436719,VS0,VE92
etag
"ebbad5ad378aa3799d2487401ff2298a"
vary
Accept-Encoding
content-type
image/png
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1
pISw3shK-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/pISw3shK-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/pISw3shK-120.vtt
427 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/pISw3shK-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c0d71a3d0613b64d56e7d4a14fc86a75aa85308a82122ea80bda1fa29022be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
age
4
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
146
x-served-by
cache-iad-kiad7000091-IAD, cache-mxp6939-MXP
access-control-allow-origin
*
last-modified
Sat, 19 Mar 2022 01:43:58 GMT
server
nginx
x-timer
S1650145357.771943,VS0,VE99
etag
"1ccb29eaf0dabd716b85c2b92841b45d"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/strips/pISw3shK-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
WB6pnsWqdx9qaV384KUN-4zunJWGmtrgnnUd8yWuhrrxlEyg6Crfyg==
related.js
ssl.p.jwpcdn.com/player/v/8.24.6/ 		107 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.6/related.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d53486bf39167c16013662da7df8f9f1a0b10b4d6238cf611f5f44f676254c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
age
1583010
x-cache
HIT
content-length
25208
via
1.1 varnish
x-served-by
cache-mxp6971-MXP
last-modified
Mon, 28 Mar 2022 21:14:34 GMT
server
AmazonS3
x-timer
S1650145356.472537,VS0,VE0
etag
"af62ad92b77d7fc0b661d84dfa3e404c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
444964
a9vu1dlh-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/pISw3shK/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-720.jpg
86 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3158f95b2c7af6dbf14bb10285c9c1049eeba6cb37a50340a185c4cbd1204385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
age
143
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
86730
x-served-by
cache-iad-kiad7000149-IAD, cache-mxp6971-MXP
access-control-allow-origin
*
last-modified
Sat, 19 Mar 2022 01:43:42 GMT
server
nginx
x-timer
S1650145357.742383,VS0,VE100
etag
"fdd5fcde6f599bd4961a5642f38a1173"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
wGuHQ_CpskrET50GCnbhIbZzfcH2DwBpvfXeBzJgUXsfwI2g20OXdA==
99sa2obd-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ReiuWYBP/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-720.jpg
72 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79550b2162568ec7a582e6aeefac1cc28f04d1745ba220c265680ebd1e1e67a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
age
46
x-cache
HIT, MISS
content-length
69629
x-served-by
cache-iad-kjyo7100033-IAD, cache-mxp6971-MXP
access-control-allow-origin
*
last-modified
Sat, 03 Mar 2018 01:58:46 GMT
server
nginx
x-timer
S1650145357.742106,VS0,VE95
etag
"df3d71c290eeb1052c8d3e0a9c6bceb7"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Hlq5dtb0Sloz1loqk9bFqwk3GC0ddVBm4lurhTz42jaCf6l2raeDbw==
ReiuWYBP-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/ReiuWYBP-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/ReiuWYBP-120.vtt
918 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/ReiuWYBP-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c3d49a531d16798ac46a461df7bb96259d846bdca131321b68866af9152c9e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
age
261
x-cache
HIT, MISS
content-length
204
x-served-by
cache-iad-kjyo7100101-IAD, cache-mxp6939-MXP
access-control-allow-origin
*
last-modified
Sat, 03 Mar 2018 01:58:50 GMT
server
nginx
x-timer
S1650145357.772007,VS0,VE94
etag
"7edb1d8eb8abf6d84032877903774191"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/strips/ReiuWYBP-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
chHlQ-rLamgOFCnGTAuvE9trcB1FbIuhxR1A_ZUTmcL2eK4IHNr03Q==
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-65.fra50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 05:03:43 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront), 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
age
59933
x-amzn-requestid
96afce84-c332-4678-a411-6139c877ff18
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625a4e2f-0d581d1b509f86fb52acceba;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA50-C1
x-amz-apigw-id
QqEndHYojoEF-zw=
content-length
28
x-amz-cf-id
p9EpL7j9ll6L8AFmtx6z2y5w1bJY_-Ux2Vb1GVyKaBGhaMnZD_2xiA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame F8E5 		46 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:52:15 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
13821
x-guploader-uploadid
ADPycdvuq7s9oE1APEMIvmDsDLzl5hELNWiybVeo-6G0qdz9-AW1FIX5C_lVtogqGJX_c2eytEvnMWDsErCfldRoh2wjIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46760
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"020de548baebf815e420fecd7cf5b327"
x-goog-hash
crc32c=+pua+A==, md5=Ag3lSLrr+BXkIP7NfPWzJw==
x-goog-generation
1648230637718667
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
46760
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Sun, 17 Apr 2022 17:52:15 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame F8E5 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24901820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8MVVzOpQPx0f2i4kKzi4bsqo58T4TSv9q9NJ2bq5lm7STRmFXDrLPvkOE1EJ543D8vtdeRB1yY67S3XQJuV0Uts01w496o3qGzxr%2B6LzKKvoB7VArCIXO0PJw9OuE9tPUjUsibV%2FO7hMhRAEBtJ%2BdTw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd0177e38b701f8-ZRH
expires
Thu, 06 Apr 2023 21:42:36 GMT
sp.js
snowplow.ownlocal.com/ Frame F8E5 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:25:42 GMT
age
1014
x-guploader-uploadid
ADPycdv-4g-hPyY0Wg8mRQY7o-mWXjCBZU__snosirMrqBEEgieTwEC-TXcz5vv8_L079zM7PZR6pKIC0TfL8vkW9Usr6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Sat, 16 Apr 2022 22:25:42 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame F8E5 		222 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
last-modified
Fri, 15 Apr 2022 16:13:39 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/100.0.0
server-timing
cache-mxp6974, PASS, fastly;desc="Edge time";dur=15
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame F8E5 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
30646080
fly-request-id
01F48TVJD3GRMNM4Z4TNWN5D10
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fd0177e3fff01df-ZRH
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame F8E5 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
30652257
fly-request-id
01F48MZ22BHHY31F4YZ9VQ3AH9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fd0177e380101df-ZRH
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 16 Apr 2022 21:42:36 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame AE9B 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5afb2be052d86924359204e0150dbb7f26392deda50851a104608ad667865ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22488
x-xss-protection
0
remote.js
www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/ Frame AE9B 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9186bc00b3e3fa7bfadc0d7332d62f8243ca9fbc60fcc868f64e0a345bc779c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 15:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
194265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37617
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:15:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Apr 2023 15:44:51 GMT
-fGfix5ZuJUOVczo_kjURdYiDBKCRn1s8SwuZEgz-mU.js
www.google.com/js/th/ Frame AE9B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/-fGfix5ZuJUOVczo_kjURdYiDBKCRn1s8SwuZEgz-mU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9f19f8b1e59b8950e55cce8fe48d445d6220c1282467d6cf12c2e644833fa65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 05:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
229703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13737
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 05:54:13 GMT
embed.js
www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/ Frame AE9B 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0af1997a20e09d2f7e5e31e60ec1e45db7a9108cd0cb334e709b594ef980bc6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 15:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
194194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8163
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:15:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Apr 2023 15:46:02 GMT
truncated
/ Frame AE9B 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSxErALqBCtFurtafnvvpJtsw16ZDgzVPfmASEwLw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame AE9B 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSxErALqBCtFurtafnvvpJtsw16ZDgzVPfmASEwLw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:44:56 GMT
x-content-type-options
nosniff
age
14260
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5310
x-xss-protection
0
server
fife
etag
"v2f6f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 16 Nov 2021 21:21:18 GMT
default.jpg
i.ytimg.com/vi/LAuIwNwaUkQ/ Frame AE9B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/LAuIwNwaUkQ/default.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0345ed2ecfc4d7ee8220036ae308b161cfe20c0d7b54a259019fffd93a9c75c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3479
x-xss-protection
0
server
sffe
etag
"1650070823"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Apr 2022 21:47:36 GMT
bundle.js
auth.instiengage.com/auth/ Frame 29A3 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
212
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
date
Sat, 16 Apr 2022 21:39:05 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
m41FUEqjD_btFa7GO9V-_ZsSsYBcXLD7Ht5ZzzZUrfoOxgj2t21W2g==
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 802A 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 16:43:16 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 802A 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:53:15 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=1&tid=fdcaade6-fddc-4d55-a2e5-122cce3ac351&pid=cd9bc544-5d84-46ed-831e-e6bb2a5ee54d&dtm=1650145358325&qnm=_matherq&visible=1&tabid=391f2f40-a0a7-4877-8c89-504dfd0bf16c&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vp=1600x1200&ds=1600x11036&tofa=1650145358&vid=1&lvidt=1650145358&duid=777a22e8172a14b1&fp=2521163034&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY1MDE0NTM1NTI0NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNi4xbWIiLCJoZWFwVCI6IjIwLjVtYiIsImZzdFBhaW50IjoiMTM2NyIsImZldGNoUyI6IjIzMCIsImRvbWFpblMiOiIyMzIiLCJkb21haW5FIjoiMjMzIiwiY29ublMiOiIyMzMiLCJjb25uRSI6IjU2NSIsInNzbFMiOiIzNDMiLCJyZXF1UyI6IjU2NiIsInJlc3BTIjoiNzIwIiwicmVzcEUiOiI4NjYiLCJkb21Mb2FkIjoiNzI2IiwiZG9tSW50ZXIiOiIxOTU0IiwiZG9tTG9hZFMiOiIxOTU0IiwiZG9tTG9hZEUiOiIxOTg1In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMjA4OTI5MTMwMCIsInJlZlRpbWUiOiIxNjUwMTQ1MzU4MzIwIn1dfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.36.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-36-29.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:37 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame F8E5
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290742
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoTLeVFd35DLYlGbXSY12uEuztYQQ0yyIZ6wyivW5xlL%2B55R73x47wKIKdOvFUqR85gz7KF8yxQJ4FGgKZ98L1%2BjoUopU2sviE4bhxmXEWmxpsGAdKOqJMvVyAqNgrgNT16tDB4M%2BBXHdmc31gQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6fd01780ede0cc3e-ZRH

Redirect headers

date
Sat, 16 Apr 2022 21:42:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290742
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxVfTei5v1sR17vrknv1OkBwAUOWhldHcxdbwysywZ1uiswT0W705I7cNAOovQ34ngnME4Vki%2FO0TIO1LJIs7VVp0WZEq%2FDctcJHSGx13B4rWURg3ihgJtB1J2Y0xzRfTOUzVAqVM%2FVvVNkdP%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
6fd0177ffc73cc3e-ZRH
inter.css
rsms.me/inter/ Frame F8E5 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id
cf73be4d6d6d031ee8e030c4d3632e54d130b542
date
Sat, 16 Apr 2022 21:42:36 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-mxp6968-MXP
last-modified
Tue, 18 Jan 2022 19:57:03 GMT
server
cloudflare
x-github-request-id
FE40:E10E:297F91E:2A9EFF4:61E71BD8
x-timer
S1642535897.793733,VS0,VE95
etag
W/"61e71b8f-1966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90MeD%2BsrsIxLiN%2FgDIat8sSvDyT3kfq4yCBp14Su909E2jCkmz80U%2BaRLGxtAM5SARaK%2BhX9Kr%2Bz97MXXQWNpEJzMjHll92MQ0YH8l5b7hL%2Ffnt1K7ckdvOGt6ebTw75IHoVZwno"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6fd0177fde9e3755-MXP
x-proxy-cache
MISS
expires
Fri, 15 Apr 2022 18:04:06 GMT
css2
fonts.googleapis.com/ Frame F8E5 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fcfb4692c426d014569ccc2ce2fa4b0be34ae4b3f4e2fe387ddf70b4accc8710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:42:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:36 GMT
/
www.facebook.com/tr/ Frame 1C23 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.staradvertiser.com
Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.staradvertiser.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:36 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3294410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85he0i1GZyuUkpodpeWXg%2FiaG6VdUVzDfCaZCvNHLm5kiUSYPxUyr84x2ZWbXeRUh%2FU0zd4kuD9wnHTI8ywVHs2J%2BrqyiLLtewNXXD3Y1FC2u%2BKQRNi4K%2BqJYCnVWDvrY1qWx72J9OJskEYYXbRvacON"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd0177fbd150219-ZRH
expires
Thu, 06 Apr 2023 21:42:36 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5125
date
Sat, 16 Apr 2022 20:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 16 Apr 2022 22:17:11 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204961e2"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61870
spc_fi.php
cdn.firstimpression.io/delivery/ 		45 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7470&url=%2F&charset=UTF-8&ch=21&ref=www.staradvertiser.com&viewerId=null&referer=&_firid=41049509
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
2144f492651e42e0a4622e154074689b77e41d8508a185c17b2d180183a8aa7d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.staradvertiser.com
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
hSUhdNIDbNn6Rb1MobQNo00BYqG59VYV_Il1qmfZMrdkO1adMhyQGQ==
expires
0
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 1F83 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:52:02 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
13834
x-guploader-uploadid
ADPycduzheAMjHgcC3Wzq9jRgX6qqQcuuGTcK5uJt-gLn8c7NpG8GXNaI0qRBqJd_eXUePK-J1OysGPQI8tvQL4zD8f-uw
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1648230637791346
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Sun, 17 Apr 2022 17:52:02 GMT
/
geoip.insticator.com/json/ 		210 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:37 GMT
access-control-allow-credentials
true
x-database-date
Sat, 16 Apr 2022 16:06:53 GMT
content-length
210
vary
Origin
content-type
application/json
49480143-1347-493f-83c4-bc4617614c7b
h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/49480143-1347-493f-83c4-bc4617614c7b
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.176.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-176-199.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:37 GMT
x-amzn-requestid
430f4c95-f03d-4b52-bedc-ab930c106475
x-amz-apigw-id
QsW8EEl4oAMFbyg=
x-amzn-trace-id
Root=1-625b384d-2be1802058df3e4d19e86952;Sampled=0
content-length
2
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 171A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-length
2821
content-type
text/html; charset=UTF-8
date
Sat, 16 Apr 2022 21:42:37 GMT
etag
69c8c9f2-7c9c-44bc-89df-ddd48a0b82b1
pragma
max-age=3600
vary
Accept-Encoding,Origin
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		350 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e433559fd43eb30dbc17d639eb7686547d3e7f19b78b349ad8c5fb31fe5b53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
z52NyqJ_hn6tyPqSbaqcyIIjgKsL9qXm
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:45:53 GMT
server
AmazonS3
age
75941
etag
W/"df0691b8072c2a69923c0f3c4d7d8039"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
date
Sat, 16 Apr 2022 00:36:56 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
WQ9bNUzkPR_vClHLRJenH4qLXVFiBq8Ony1YQXy8y6vIeYFOQSTi-A==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:36 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=82342
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sun, 17 Apr 2022 20:34:58 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cb4b91714c9ed8f644ab9e033a9516c9423ff5ce44f5727780c5e5b5de2dd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:36 GMT
Content-Encoding
gzip
Age
719
X-Cache
HIT
Connection
keep-alive
Content-Length
17270
x-amz-id-2
vrPOT+vXiAELMw+2Q+g9Xfc/oXvOHI8tHTg4QKty9TE4FrB+mK8ApCxhjCFqatfmt2Pla808Oh4=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Sat, 16 Apr 2022 20:18:24 GMT
Server
AmazonS3
X-Timer
S1650145357.887862,VS0,VE0
ETag
"0132cf4f8906cd654602caf49ace79aa"
x-amz-request-id
46NZ9HXZ1XPVHTJ3
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
24
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 802A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
age
355368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 19 Apr 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 802A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
383071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 802A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
age
355368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 18:59:48 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:13:06 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1771
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
yl-Vv4r92UFktCu6GpwhCPP17wDXS6EQkRYAkxK4XGH7wq6UkasXTQ==
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
expires
Sat, 16 Apr 2022 22:13:06 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1200
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q4z%2Fs%2B0cjVhDkOFoMc4E8WYaRssUt%2Fx%2B9XCYilrEmA2OJagZphQZ5JKYgv6pE%2F%2BfR%2BlKUsVQekkVq6XdVpIVX8zgmO8k6PdYeIaCgk6XUOAmcMErvqwCnS0HFIHQU1bvPUbxf3zS3AXqA2xRIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6fd017816a680215-ZRH
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
778
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FC6XHPBM8Y2Q084422A
date
Sat, 16 Apr 2022 21:29:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7knmEnc7L8ansBHFgo1OEu39e-JR4HHCEYgDAMajiDBNID3CsD-MEw==
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Sat, 16 Apr 2022 21:42:37 GMT
vary
Origin
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame F8E5 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:52:02 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
13835
x-guploader-uploadid
ADPycduzheAMjHgcC3Wzq9jRgX6qqQcuuGTcK5uJt-gLn8c7NpG8GXNaI0qRBqJd_eXUePK-J1OysGPQI8tvQL4zD8f-uw
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1648230637791346
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Sun, 17 Apr 2022 17:52:02 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 802A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=7dryzc3y37mz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 16 Apr 2022 21:42:37 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame C2C6 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:13:20 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
1757
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
KiP8nQly4U7VYU7w3rmtxWYiQa4M3LO0kSE4_0p4D3gayWMhLy-JHA==
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
expires
Sat, 16 Apr 2022 22:13:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4A0C 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
778
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FC6XHPBM8Y2Q084422A
date
Sat, 16 Apr 2022 21:29:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
t1m2HyI5sbkxRo7bleB6Fwck_iPNT7DqvWvfglW-tUEs_7XEuGUuRQ==
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1613941d-a0cd-4654-889b-e0ea1e44236c&ntv_fl=CF4se3gYGjAPzQcMJoAeWZBvuMByf3mSfd6pqSUcCCjE72VesWY2C5eDzpryLU6FgHvg8Wcpyz6XyVFZTKPpcbPNaa6_6nKl5H0Ror1fviVCGK1WA-rLFSBOTiqR0KToMmNSD7p-4kD543uAkuanXBNe8yUT260Y_wYSsp2E-q70Ho2zFFIVKHcoSwn5o84y&ntv_ht=SzhbYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAKNIQA&ord=1650145358796&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.116.163 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-116-163.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:37 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame 1F83 		116 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
338be05f56a3a16bc3d0f3027460cbcccbe587b4d054a2c78fe080d3c8c13a58

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:52:03 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
13834
x-guploader-uploadid
ADPycdtu0hDbpiAA20z-2SZWS2IWZAHP4F_KiqRQkWtH0V6386awASWcescC9W5HOA9DRknaMlqb2YwWbtg3FkAijpBXYQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118480
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"caef850285c58d867c3e7b36f32212ba"
x-goog-hash
crc32c=6mULIw==, md5=yu+FAoXFjYZ8Pns28yISug==
x-goog-generation
1648230637786413
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
118480
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Sun, 17 Apr 2022 17:52:03 GMT
css
fonts.googleapis.com/ 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:00:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:37 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36655742-6&cid=2089291300.1650145357&jid=1118784495&gjid=1488238759&_gid=865691768.1650145357&_u=SCGAgAABCAAAAE~&z=2102396366
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 16 Apr 2022 21:42:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
846997ea-4ab0-4abb-9c2e-775f874d16dc.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/846997ea-4ab0-4abb-9c2e-775f874d16dc.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
018a6ba81f499f8c19ed8bf09b3f6fbe80ba35248a1fa3b1f92328d4533fb6bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Wed, 16 Mar 2022 04:26:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1+bHOI9XXn4r121PB+gquw==
ETag
0x8DA0705355F4907
Content-Type
image/jpeg
x-ms-request-id
3526b6f8-d01e-0007-32da-5151d2000000
x-ms-version
2009-09-19
Content-Length
14759
483bf697-41e5-4a32-ba53-b48d4d758133.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/483bf697-41e5-4a32-ba53-b48d4d758133.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f7a2eff204787d41e37ca51909b80cbab14e7de622a15dae5b0c568b84d6335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Wed, 06 Apr 2022 00:02:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
uDOqcu7AaZ1aIPpbDAUk7A==
ETag
0x8DA1760B1DACF66
Content-Type
image/jpeg
x-ms-request-id
4a05edbc-f01e-0062-07da-51ff96000000
x-ms-version
2009-09-19
Content-Length
8702
e7366cd8-a6ea-43d7-adef-30cc7200d67a.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e7366cd8-a6ea-43d7-adef-30cc7200d67a.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae560147811e1c76b5061cffd724cb6a148e633f4e23c601a98949f4b28dc770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Tue, 29 Mar 2022 23:18:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
19PIvcefVef4oqbRPioMuA==
ETag
0x8DA11DA68E700C9
Content-Type
image/jpeg
x-ms-request-id
48df778f-101e-0027-38da-512a75000000
x-ms-version
2009-09-19
Content-Length
9824
7174abf8-2f0b-43ed-a0c5-3cb8c1558573.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7174abf8-2f0b-43ed-a0c5-3cb8c1558573.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
87594a84d607a02144146537733bf9e21c512577b04c18294901e43ef7e77b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Mon, 21 Feb 2022 21:15:56 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fV/qUtriso5NE0Xj3GNRNg==
ETag
0x8D9F57F5994C104
Content-Type
image/png
x-ms-request-id
2e2b6d18-101e-0055-44da-512d3a000000
x-ms-version
2009-09-19
Content-Length
14083
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
8e4cca30-8fa5-48a5-a479-17730702744a.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/8e4cca30-8fa5-48a5-a479-17730702744a.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
335153e47a75d27f91a735b8e0ac38cbe09ed489483801b50a78f0a3beecabed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Wed, 09 Mar 2022 05:13:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
a/tf5b2w2EepT/n7WTi+oQ==
ETag
0x8DA018B97BA8BEB
Content-Type
image/jpeg
x-ms-request-id
7ba5ad44-901e-005b-18da-51048a000000
x-ms-version
2009-09-19
Content-Length
9202
c714d40d-3b91-4178-aefa-10f65a125e4f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c714d40d-3b91-4178-aefa-10f65a125e4f.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f69b20025bce19118dc32040133cbdfaaa31b4ec09d91ca885e8fc46d9f4b36d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Sat, 01 Jan 2022 01:31:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WWd+trqU3vY579ENaOOd3A==
ETag
0x8D9CCC66F12B3A5
Content-Type
image/jpeg
x-ms-request-id
afcef11b-601e-0060-0fda-51412e000000
x-ms-version
2009-09-19
Content-Length
23057
186b78de-f7c9-45a1-8f40-28168d5923f5.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/186b78de-f7c9-45a1-8f40-28168d5923f5.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8d0123b56b3c7c0139f606b7a0a893e2fd8507b01f599b4b35c5b25815028141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Thu, 13 Jan 2022 02:55:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
f59QpLI0caCVYwc0ueS6ow==
ETag
0x8D9D640170895F2
Content-Type
image/jpeg
x-ms-request-id
4a05eddb-f01e-0062-23da-51ff96000000
x-ms-version
2009-09-19
Content-Length
10093
1d10ab98-6ff9-42dc-87e6-549ff4442307.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1d10ab98-6ff9-42dc-87e6-549ff4442307.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b24c7666c615c18b50d90003a99ea5f295ba8f4c13af27f24a8bc105c7a99105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Fri, 07 Sep 2018 05:30:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Zq5koUvhZ1HaGjbgEayeNQ==
ETag
0x8D61482F77B328C
Content-Type
image/png
x-ms-request-id
3526b726-d01e-0007-5cda-5151d2000000
x-ms-version
2009-09-19
Content-Length
45507
755bd266-f990-42e8-a4bd-497cecef491a.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/755bd266-f990-42e8-a4bd-497cecef491a.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4bf18e1ebd8c67514bc2be935fd634c3d51a2ac8aeb63bebca1511840c1ecd43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Fri, 01 Apr 2022 19:07:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
6Hc4AcUtxgcEa5wOo5FR1g==
ETag
0x8DA1412F007DC6E
Content-Type
image/png
x-ms-request-id
2e2b6d30-101e-0055-5ada-512d3a000000
x-ms-version
2009-09-19
Content-Length
4380
ba15bc90-1690-4c5b-88ab-5973bada77d1.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ba15bc90-1690-4c5b-88ab-5973bada77d1.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8ceb1389b4b75a583ec1c2d47b1dfacfb2e45ee4f3c87c450be33c26b89d4c81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Thu, 24 Mar 2022 01:38:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
gU4hX0+Rlb/VE2P+1JM2XA==
ETag
0x8DA0D370A827B26
Content-Type
image/png
x-ms-request-id
48df77a4-101e-0027-48da-512a75000000
x-ms-version
2009-09-19
Content-Length
15917
7e5da046-6763-47e7-8ad6-fb9e425f54d4.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7e5da046-6763-47e7-8ad6-fb9e425f54d4.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7e53cbfa412f326c0996e6044f8b531c81d71f4ffc5b136ae162bafda1290709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Sat, 26 Mar 2022 21:08:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zRtANF2Mpqfk1Yz9qLv4WQ==
ETag
0x8DA0F6CBD0F1A10
Content-Type
image/jpeg
x-ms-request-id
7ba5ad65-901e-005b-37da-51048a000000
x-ms-version
2009-09-19
Content-Length
12456
567e305b-98a1-47e2-895f-f5b9ab850b8f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/567e305b-98a1-47e2-895f-f5b9ab850b8f.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f6c85119d3e1dce2ed1e03b27631e7aefba4c13731ef709833582051e1780238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Fri, 18 Feb 2022 23:52:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
F/fr5+Cw3wCvjZDs/gQ0GQ==
ETag
0x8D9F339BE5D87AE
Content-Type
image/jpeg
x-ms-request-id
afcef14a-601e-0060-3bda-51412e000000
x-ms-version
2009-09-19
Content-Length
11687
119e549c-70e3-41b7-836a-a87c311ab168.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/119e549c-70e3-41b7-836a-a87c311ab168.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bba2c26504fb78a647b11f2899658f903be695b28af45512c2d0a8ee205d86be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Wed, 30 Mar 2022 02:04:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
gaTAVEpAopX0xOdXqmSLCA==
ETag
0x8DA11F1A811EB3E
Content-Type
image/png
x-ms-request-id
4a05ede7-f01e-0062-2dda-51ff96000000
x-ms-version
2009-09-19
Content-Length
18177
e0b0aab8-45e2-48b1-88b3-f1f5dda4a827.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e0b0aab8-45e2-48b1-88b3-f1f5dda4a827.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa22f02b904df277a53b83bc1966728c9857fb417d4d8bba3e5efcd3b8a84006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Mon, 04 Apr 2022 21:31:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
iUGDJQpW/GdWGakfG1IKQQ==
ETag
0x8DA168280C54520
Content-Type
image/png
x-ms-request-id
48df77b4-101e-0027-58da-512a75000000
x-ms-version
2009-09-19
Content-Length
4317
4c5de605-fb72-4f1a-a01d-fd9085b50023.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4c5de605-fb72-4f1a-a01d-fd9085b50023.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
deb4323f079912a5283042639953033bb16d509a0c6aeac9d8e5ada00e8d15df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Fri, 18 Oct 2013 00:10:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KHa2idW7T6R5fkN/pRL36A==
ETag
0x8D099AD9CD8EE83
Content-Type
image/png
x-ms-request-id
2e2b6d3f-101e-0055-68da-512d3a000000
x-ms-version
2009-09-19
Content-Length
79335
3cc562ae-b254-4328-ba56-14b614b076fb.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3cc562ae-b254-4328-ba56-14b614b076fb.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cabbba11d9e2450476d8e56e0edb454bb764feebb402d5376df72859ab8a9a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Thu, 06 Sep 2018 06:11:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
yhM/5XmqQYXqq1uzQ0Kaqw==
ETag
0x8D613BFA39B7776
Content-Type
image/png
x-ms-request-id
7ba5ad6d-901e-005b-3eda-51048a000000
x-ms-version
2009-09-19
Content-Length
99901
53f759f7-92c9-4db0-a5eb-b37baf4aecbc.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/53f759f7-92c9-4db0-a5eb-b37baf4aecbc.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f66465da73bd50e9ead702e0fc63ef50f5e0e665214d2b196ea50b8f077718e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:38 GMT
Last-Modified
Fri, 18 Oct 2013 01:32:17 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lV6kwi2Hvv+8p7dU+yXVrA==
ETag
0x8D099B90455335D
Content-Type
image/png
x-ms-request-id
3526b76d-d01e-0007-1dda-5151d2000000
x-ms-version
2009-09-19
Content-Length
141300
f5a53693-de87-498b-a035-124412f9eea0.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f5a53693-de87-498b-a035-124412f9eea0.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d85e7a9efc0ca2e08b8c657bdf56d98ae41a63bf5d7bc786bfdf773ad1541850

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Fri, 18 Oct 2013 01:37:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YnF4J5TuYB9u2ixhDGVWtA==
ETag
0x8D099B9BAD718B3
Content-Type
image/png
x-ms-request-id
afcef16f-601e-0060-5eda-51412e000000
x-ms-version
2009-09-19
Content-Length
147623
TRv5Rq3VL0C41hYUg1Lasg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/TRv5Rq3VL0C41hYUg1Lasg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a67d8b1be1469e2cb3009f299cffc29ab1aca247cfa9d4ecb57402c82091175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 16 Apr 2022 21:42:37 GMT
Last-Modified
Thu, 09 Dec 2021 06:08:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QbV1gLoAweIxgsfAlpqW4Q==
ETag
0x8D9BADA456B906B
Content-Type
application/octet-stream
x-ms-request-id
4a05edfc-f01e-0062-42da-51ff96000000
x-ms-version
2009-09-19
Content-Length
44012
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1433776692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&dp=%2Fwidget%2Fstaradvertiser%2F9865%2FUpcoming%20Events%2F2a3128a5939a5946a%2F&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCGAgAABC~&jid=1118784495&gjid=1488238759&cid=2089291300.1650145357&tid=UA-36655742-6&sf=5&_gid=865691768.1650145357&z=810691888
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 23:27:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80135
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame C2C6 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:13:06 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1771
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
2IEXb0LA0eggnOB5FxnAB1990bWlbPr12GGXT0wBC19JT24YcBMYIA==
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
expires
Sat, 16 Apr 2022 22:13:06 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame AE9B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:37 GMT
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame F8E5 		116 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
338be05f56a3a16bc3d0f3027460cbcccbe587b4d054a2c78fe080d3c8c13a58

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:52:03 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
13834
x-guploader-uploadid
ADPycdtu0hDbpiAA20z-2SZWS2IWZAHP4F_KiqRQkWtH0V6386awASWcescC9W5HOA9DRknaMlqb2YwWbtg3FkAijpBXYQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118480
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"caef850285c58d867c3e7b36f32212ba"
x-goog-hash
crc32c=6mULIw==, md5=yu+FAoXFjYZ8Pns28yISug==
x-goog-generation
1648230637786413
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
118480
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Sun, 17 Apr 2022 17:52:03 GMT
generate_204
www.youtube.com/ Frame AE9B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?eifrcQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
934.json
id5-sync.com/g/v2/ 		213 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/934.json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p38.id5-sync.com
Software
/
Resource Hash
08bd677e497cbe3fc879bc6d37e2b73424890d338beb07e0f4bcdd85f1907342
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Sat, 16 Apr 2022 21:42:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-151.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
695653c47c039eca0959a93f7bfac47d11452af6f95e4a850dec8b1863a18f17

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.45.18.203
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
9d524ecad3a98026261988a75e14236839cecd1f1cb56453bcfce0668676fe92

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 16 May 2022 21:42:37 GMT
envelope
api.rlcdn.com/api/identity/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1273
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:37 GMT
Content-Encoding
gzip
Age
586
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1650145358.520415,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1560
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-91.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 02:14:33 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
70085
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
W1YYZpruEUJJ8hI-llU5aoYaIK-sUkAoLfMzWHyEFUlgGZw16TGQ3w==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3951357139723597&correlator=420238016606425&eid=31066978&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1231134253&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=h%3D21%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1650145359249&lmt=1650145359&dlt=1650145355972&idt=1818&biw=1600&bih=1200&adxs=1162&adys=9121&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x574&msz=300x-1&fws=0&ohw=0&ga_vid=2089291300.1650145357&ga_sid=1650145359&ga_hid=1433776692&ga_fc=true&btvi=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2f5b172a35ae6a4ec4d980b99ebdf699c4b9f00fece2b0473f7b81e6cc05d98d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19807
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357538976
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3951357139723597&correlator=3368922913443128&eid=31066978&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2233527209&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=h%3D21%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1650145359259&lmt=1650145359&dlt=1650145355972&idt=1818&biw=1600&bih=1200&adxs=1162&adys=9401&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x574&msz=300x-1&fws=0&ohw=0&ga_vid=2089291300.1650145357&ga_sid=1650145359&ga_hid=1433776692&ga_fc=true&btvi=2&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
da8be1026d06a35f9fc60abef3e6e951d436aefbfc6e94487a1fc86337c30e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19648
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357538991
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3951357139723597&correlator=1172227527028241&eid=31066978&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=613459873&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=h%3D21%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1650145359263&lmt=1650145359&dlt=1650145355972&idt=1818&biw=1600&bih=1200&adxs=436&adys=10930&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1350x142&msz=1320x-1&fws=0&ohw=0&ga_vid=2089291300.1650145357&ga_sid=1650145359&ga_hid=1433776692&ga_fc=true&btvi=3&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
10302c90ed3abe1d93f18992147e65e2b314d8382f3ce014d8722a7ec8c036fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20216
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357539006
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 035D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3951357139723597&correlator=2593303552076366&eid=31066978&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Native_HomePage%2CSA_Native4-frame_HomePage%2CSA_Native4_HomePage-1%2CSA_Native4_HomePage-2%2CSA_Native4_HomePage-3%2CSA_Native4_HomePage-4%2CSA-FootballFever_300x300-1%2CSA-FootballFever_300x300-2%2CSA-FootballFever_300x300-3%2CSA-FootballFever_300x300-4%2CSA_INT_HomePage%2CSA_INT_Gateway-Sponsor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=4&adks=209233742%2C1265839655%2C3828629500%2C2441712459%2C352046981%2C1925805504%2C1601519305%2C122768717%2C2150871482%2C243705689%2C75063581%2C1052146423&sfv=1-0-38&ecs=20220416&ists=4095&fsapi=false&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1650145359322&lmt=1650145359&dlt=1650145355972&idt=1818&biw=1600&bih=1200&adxs=140%2C140%2C140%2C393%2C646%2C899%2C-9%2C-9%2C-9%2C-9%2C0%2C0&adys=2508%2C2508%2C2508%2C2508%2C2508%2C2508%2C-9%2C-9%2C-9%2C-9%2C0%2C40&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1012x4286%7C1012x4286%7C1011x1%7C1011x1%7C1011x1%7C1011x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x11094&msz=981x0%7C981x0%7C252x1%7C252x1%7C252x1%7C252x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C2%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=2089291300.1650145357&ga_sid=1650145359&ga_hid=1433776692&ga_fc=true&btvi=4%7C5%7C6%7C7%7C8%7C9%7C-1%7C-1%7C-1%7C-1%7C0%7C0&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4382d43b9490d117e0dc239d2c97c80f0a58a68cefc107281d10cfea4c967b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
373
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		590 KB
78 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3951357139723597&correlator=1206551256078962&eid=31066978&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Tile1_HomePage%2CSA_Tile2_HomePage%2CSA_x15_HomePage%2CSA_Top_HomePage%2CSA_Bottom_HomePage%2CSA_Banner1_HomePage%2CSA_Banner2_HomePage%2CSA_Banner3_HomePage%2CSA_Sponsor-MostRead_HomePage%2CSA_Box1_HomePage%2CSA_Box2_HomePage%2CSA_Box3_HomePage%2CSA_Box-Top_HomePage%2CSA_Box-Top-2_HomePage%2CSA_MenuBox%2CSA_MenuTile%2CSA_Box-events_TGIF%2CSA_Footer_Homepage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=300x100%2C300x100%2C982x30%2C728x90%7C970x90%7C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C300x100%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x100%2C300x250%2C1x1&ifi=16&adks=323572193%2C415600777%2C1023568893%2C776454535%2C1314924799%2C627532990%2C4244480135%2C3396773607%2C4116631529%2C1735864866%2C4170063637%2C3518020607%2C713581990%2C2869934086%2C3123340506%2C1463211416%2C3217711606%2C1069172642&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1650145359332&lmt=1650145359&dlt=1650145355972&idt=1818&biw=1600&bih=1200&adxs=1159%2C140%2C309%2C436%2C436%2C436%2C263%2C263%2C1161%2C1161%2C1161%2C1161%2C1161%2C1161%2C-975%2C-975%2C-9%2C-9&adys=102%2C102%2C59%2C360%2C10581%2C1838%2C3975%2C7380%2C769%2C3733%2C4745%2C7903%2C427%2C1175%2C2378%2C93%2C-9%2C-9&ucis=g%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct%7Cu%7Cv%7Cw%7Cx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=337x100%7C337x100%7C1600x11094%7C1350x64%7C1350x72%7C1350x24%7C1011x24%7C1011x24%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C350x-1%7C350x-1%7C0x-1%7C0x-1&msz=300x-1%7C300x-1%7C1600x24%7C1318x24%7C1318x24%7C1320x24%7C971x24%7C971x24%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x-1%7C300x-1%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C516%2C516%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C350%2C350%2C0%2C0&ga_vid=2089291300.1650145357&ga_sid=1650145359&ga_hid=1433776692&ga_fc=true&btvi=0%7C0%7C0%7C0%7C10%7C11%7C12%7C13%7C0%7C14%7C15%7C16%7C0%7C0%7C17%7C0%7C-1%7C-1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c788f90bf0689090c6c21afdb9ed6b79c26ac4b0de79ed4f1daf2df727981538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79733
x-xss-protection
0
google-lineitem-id
-1,-1,-2,5901454798,94601305,5334153289,-1,-1,-1,5900144622,4901051034,4837391996,5987944745,-1,-2,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,138379751449,138226966833,138307053035,-1,-1,-1,138379278300,138258016293,138307415909,138388633838,-1,-2,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 4A0C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:07:26 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
age
2110
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1945
x-amz-cf-id
BBAJwk3_FijrnKJ9m8uCRU6bIBzP3W_wjbEUfbANnLWiJGXimTNbrg==
bid
c.amazon-adsystem.com/e/dtb/ Frame 4A0C 		64 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=ezAH3JS3jTI1q&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%7D%5D&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
NXKZ7N1PSRNJJJ8S198H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
46GsrkCaVfXhlSK0MYwrFvCstMLN53c_Hf_lrjWxBZIoAo4oOfXruQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4A0C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 03:40:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
64937
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
5_Sv0A1N6hQ68dsch1B-X97B2SkgJKEoeuFshhHF4O9lP5uGAA37IQ==
a9vu1dlh-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/pISw3shK/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-120.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-120.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8487d41ca17d8093c38d0a4adab49502135b06bc26968ce786b5a1f59ee7cbd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
age
331
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
6247
x-served-by
cache-iad-kjyo7100140-IAD, cache-mxp6971-MXP
access-control-allow-origin
*
last-modified
Sat, 19 Mar 2022 01:43:41 GMT
server
nginx
x-timer
S1650145358.126743,VS0,VE96
etag
"467bd9cca605a818dd9d8c43b49e32fd"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sat, 16 Apr 2022 21:42:37 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/a9vu1dlh-120.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
h1y8BFvUyodDY1pVS8cZd0Ks1PVIeCBMTYtilW251EVqNEeLR_dHEg==
latest.json
origami.secure.ownlocal.com/origami_configs/328d6750-98a3-4d46-b56b-94fd3c6bca5e/ Frame 1F83 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/328d6750-98a3-4d46-b56b-94fd3c6bca5e/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4a1e461db7b0618f2e0cd269c9b24e10c0f8637f08039741e1855628ce1bee56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
age
0
x-guploader-uploadid
ADPycdtQmdwWVmGA8xnTYs1lXa_lOM9jfb_kl5aC1ezTXQZzVr1qbR4NVutHxi9mjpryifGrk7iZILpjcAzdNfRin5Ny_eNsYhch
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
328d6750-98a3-4d46-b56b-94fd3c6bca5e
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2078
last-modified
Sat, 16 Apr 2022 07:32:31 GMT
server
UploadServer
etag
"00c51265c644e29117d3d39e1bf9017c"
x-goog-hash
crc32c=R3WaGg==, md5=AMUSZcZE4pEX09OeG/kBfA==
x-goog-generation
1649693850726239
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2078
accept-ranges
bytes
content-type
application/json
expires
Sat, 16 Apr 2022 22:42:37 GMT
ats.js
ats.rlcdn.com/ Frame 4A0C 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49032
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
O8DmuGX2lSh-p08JT3WyPEbDvxg_aAT0xzcxLQj6yXiHw1cwDNjNsg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4A0C 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 16 Apr 2022 21:57:38 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 4A0C 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
405b064828676a3169ad7b2477629478e200849f1d0e5663ffc4f183a6d6001c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:37 GMT
Content-Encoding
gzip
Age
3247
X-Cache
HIT
Connection
keep-alive
Content-Length
12095
x-amz-id-2
t4IBNAag/XnXGDENENYpo7vZxtoaxVV6D239wWWB/GDr0Ll5mT/q7NehO+usPEXG9TLl7WXxvx8=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Sat, 16 Apr 2022 19:02:17 GMT
Server
AmazonS3
X-Timer
S1650145358.801034,VS0,VE0
ETag
"ba2834639015637566e6479e8225b52d"
x-amz-request-id
T22DEWQG7CDSV5QX
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
177
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 4A0C 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Sat, 16 Apr 2022 21:11:12 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
310837940
cast_sender.js
www.gstatic.com/eureka/clank/100/ Frame AE9B 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/100/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15463
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 16:04:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 17 Apr 2022 18:22:42 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/9a047681-2f29-4829-a765-47b0dad1eb63/ Frame F8E5 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/9a047681-2f29-4829-a765-47b0dad1eb63/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
58424e2c63e228d3358ea0dc784018d626d9854366a9e89c292fda33ad15b237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:14:20 GMT
age
1697
x-guploader-uploadid
ADPycdvJIRhKnkG7ZsIuHG1m915kY0hqOpUkOteVO1NseqBZPPKW10kHCkKJvronpPUdNMVrEAcvSArqNT7ufSxLloCqKL0X9MyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
9a047681-2f29-4829-a765-47b0dad1eb63
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2116
last-modified
Sat, 16 Apr 2022 07:32:31 GMT
server
UploadServer
etag
"457235439fffff1c0720abbc44f40e9c"
x-goog-hash
crc32c=+zTGpQ==, md5=RXI1Q5///xwHIKu8RPQOnA==
x-goog-generation
1649829818586623
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2116
accept-ranges
bytes
content-type
application/json
expires
Sat, 16 Apr 2022 22:14:20 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 1D22 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4275
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
SyzFHcTBSAXXZYGLzEjnuQ4iNqN2tSc3qopNgNDa1Oc1FDn7smEiQg==
473814325554434780
tpc.googlesyndication.com/simgad/ Frame 1D22 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/473814325554434780
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2134c475d6915ec706aa8aec9b78d83297cfaefbf42c70ed818766168f7c73dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:44:00 GMT
x-content-type-options
nosniff
age
381518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11470
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Apr 2023 11:44:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 1D22 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 1D22 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D22 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:37 GMT
l
www.google.com/ads/measurement/ Frame 1D22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrP0pw4MyZSekC1QE1qDViKb66FuyMDHFa8R3iP8ZDvdxRJYW38SjPe2AIBrahbG8Jj_qgudwc0EQWfgwk--WM4y4P0Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 03DB 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4275
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
AuVYBcedybPAwYz8e6P113JCiH1PnGtnqC3skbLLTnh-VNCnDVWIbg==
17244996170414049863
tpc.googlesyndication.com/simgad/ Frame 03DB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17244996170414049863
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:38:52 GMT
x-content-type-options
nosniff
age
158626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12393
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Apr 2023 01:38:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 03DB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 03DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03DB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:37 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame C2C6 		1 B
457 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67473%7C67474%7C67475%7C68125%7C68321%7C68413%7C68422%7C76814%7C77576%7C83342%7C93650&campaignid=43%7C15%7C9%7C13%7C16%7C18%7C11%7C22%7C7%7C44%7C6&zoneid=110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
2vVK33kBXyq4pfjKBSbJmwT3dPNikHKWqB4Z0jyiSxX8hbphU9MZWw==
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
expires
0
translator
hbopenbid.pubmatic.com/ Frame C2C6 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C2C6 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1486010&size_id=2&rp_schain=1.0,1!firstimpression.io,7470,1,,,&rf=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.ref=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.domain=staradvertiser.com&tg_i.figroup=a3&tk_flint=pbjs_lite_v6.2.0&x_source.tid=bb5908b0-dba3-4700-b17e-68b545bbd797&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8091060649406887
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d239ff9aecb533ad3f50e56353e376b3c2b1df23708726365292282bfebec2c7

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
371
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame C2C6 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=80826128130
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Apr 2022 21:42:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame C2C6 		19 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:38 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
abd9c3c8-88b7-4f5b-8b92-38558be42e2d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/212956/0/ Frame C2C6 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212956/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Sat, 16 Apr 2022 21:42:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
ap.lijit.com/rtb/ Frame C2C6 		94 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.2.0
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
039e0dd4ee526801e912794e3ed8cb70dc2539b3d567fae2f059a69ea226eefe

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 16 Apr 2022 21:42:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
arj
firstimpression-d.openx.net/w/1.0/ Frame C2C6 		73 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.staradvertiser.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bb5908b0-dba3-4700-b17e-68b545bbd797&nocache=1650145359669&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&aus=728x90&divids=fiInstance_110722_0_3152466965755624_unit&aucs=&auid=540910482&aumfs=10
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
ce295ecb7bec5b1f5ff5095f5d37cea6f2cd1bf5cf2c579b9f48faae6a840e35

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C2C6 		19 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:38 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
33cde226-60af-49bb-828f-2d11084cbbc0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame C2C6 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=505551&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22171b8ee692b839f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218d23a3f168a3bd%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22505551%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%227470%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20fca50a002cfb4fdf32fc356fc590474a5913ed14353a9cccb0358d45ba61b5

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:38 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.68], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 16 Apr 2022 21:42:38 GMT
/
hb.emxdgt.com/ Frame C2C6 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1650145359675&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.204.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-204-40.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
apstag.js
c.amazon-adsystem.com/aax2/ Frame C2C6 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
779
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FC6XHPBM8Y2Q084422A
date
Sat, 16 Apr 2022 21:29:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
W4RMOV8l0or5a21f4RScxnsxYdAzUxCWIHP6DllvtlKBxmdpCor2ag==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame A359 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4276
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
79z1mjCuptG9bFrHSUrQMvyvou4L0qk3mrvudTRtC4zzTNCxcpC2XA==
9047516581897473757
tpc.googlesyndication.com/simgad/ Frame A359 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9047516581897473757
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 14:37:21 GMT
x-content-type-options
nosniff
age
371117
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17026
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Apr 2023 14:37:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame A359 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A359 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A359 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:38 GMT
l
www.google.com/ads/measurement/ Frame A359 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRp3h5h3b8BnZUTZxXKL-Cyi5LLCl_AOu0tLFME6nB-VsyIDKi0-qbmmGkgTAkHvtJzDXXp5CrnvMeTMTM6ILP25we9_Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame AE9B 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e6522c88098efaa5e6fb72f191724df307f8c73bb66bdf7be0cabcd585c1dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 16 Apr 2022 21:42:38 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 1D22 		0
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=332723
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzL2Yf%2BVlHnqQuXbRLEwk1pH%2F6y2V9TnSFcFZXXhQirJdbasBU%2BSxPeQiaerK8qHcxfmWida%2F9CJhK75COVpV19x0W1EgdyDpafemlMid8V8Sz%2BOKVnIaKZUGoaTRnYB0FBHzniBdWNhOtW5bT7%2FbMIveA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01788ef5c59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-deS1XxPGtCAC1kAh
view
securepubads.g.doubleclick.net/pcs/ Frame 1D22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVKFSdGRgW5OsdkGVnrfW6q3cvvPr-KaqeWlxSQjFAVmXmPXuheViHzWYqIUHjiNLb0avxWPDaxuNu5TxKbADgHDPu8lMKluWhTf9VdpC4nziuJPsdiflbcuvS9BZ1-t3V-QN45S9RRGeIhRze-cw1D6SqMdXfos2pg3OI6CsmVS26Vjmyl3yRYpn20_uT2-6UKUuNXbE_wEhluWdwxFcyJCTvr0IpiaIvVTQ5slOXL6NAjy3vEFDdiDcww2QKGAAbYNwPCzKmEJ4SOuEI0cFHU5RZqMsUk07PfJMJlKG-fX6MV0ut3HI-d_sUfzFkMQGt6bzyxXtqUUP0RBcnpJdv3A&sai=AMfl-YQi7fcLTrrfbvno9Gk1Xnj3mp26tEZbEnEBLtg2f7Ul7rKPEOCTO8f4RegEo8MykLDG3CmEJOpdbo1mYrSTC2XUGCf0MLAzLcO-E7qUv5LJQAwyXSN1fAP55EuWFDUh&sig=Cg0ArKJSzAiqRiWSvWcVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:38 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 03DB 		0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=448722
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh%2BAUg7tu7fvKRnBn2TZYLGUl%2BVTumtLChfY3wUS8uhzRUcvE%2BVZaeEoEHI%2BgPbuBv%2FSlXzKrLl7WBciXSpVH%2FnLkAHb%2BTay7hi3pSdtke8B%2BjY1iRGmpqHyQCBzbZCEWAOZEjTQd31voG51JwgQzaeBfw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01788ef5959b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-deSt_Nx3-jACwWwR
view
securepubads.g.doubleclick.net/pcs/ Frame 03DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvorGPTUzPCC_omk6bsbD5_gMGLE4vRDwBY7H8PC-fY_rhhYIjMDQu7_yhsicGn00lx-bzon01O-s-WxJVMUO0jqr5aQeoJJYNXUpbQt7ttc0BEJlnxBTuuzxE0bvCJCcFd_dzhTLIPCK7SzLQoQD2hXywhHDKRkC_W0_LseCvNkPT_t58IwAomedyoMXkBHgx5L_KBxJcmPa0FIhYbh66KCIPQVgbqgQeryTR3ccP4crX0R8ZD9eozN9GI7YFEo-MS47RXR4s_wPFoJ_XVr7SeGp89AU24XE_sIerNjKwlLn9AY6RaeMQ8MwQKQzEcVWE6Md2OBXLCMZ-mZzGepwip0kE&sai=AMfl-YQ2AODSKjR8AvSM7x6yYROmsXjusi155__5rtpGAdwEATL3A0LGJ-r9PWQCGsdQ0eVmxte2w_4HoAkNzrDOYSQz-aBAaU8PbReMRkB0wg&sig=Cg0ArKJSzMSXK-KxK2FyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:38 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-126.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 02:49:14 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront), 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
age
68004
x-amzn-requestid
958220a9-c8f4-4e80-9ce2-11088895e7c9
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6, FRA6-C1
x-amz-apigw-id
Qpw6sHE5iYcFxOw=
content-length
555
x-amz-cf-id
8YqMEaGm-XBNNglcMGDXPOavFHoCLUONCGKDr_5xjpM8bOJfRAJzvQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-97.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
uiJ1YCXqTfg4YsRV.iQoQhQ_4iTW1U6K
content-encoding
gzip
etag
W/"af8244025b2d978df209bf028c458664"
last-modified
Mon, 04 Apr 2022 13:02:16 GMT
server
AmazonS3
age
31211
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 16 Apr 2022 13:02:28 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
UmdV4R1t0J296Fx2jEp1J7JinSQ_FmzksuG6qx-8K1fa_G9SHGidPA==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame A359 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=994142
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwmfJwqspwfrGJIdvGQFaIcKQ7cQTREpYc%2Fx%2FKldppZvKfYUV4hx60IM8TOd1yyBUYMs5uKMZhTHJpChfN7C4ypi0WEedTPFHPeLt5MGNAG%2FowNoeFujTmR4IRlD2WOyHvBF09hKI875GkknT9ahE2WT0w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017890f9759b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-deYIgNIyIgYFW3DR
view
securepubads.g.doubleclick.net/pcs/ Frame A359 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumfgKAhuZHYdscFOo4NRnrxB-nMjv6EWuyefiCi9kWO6Fdl0FQEO7EOnokVE2FcmLEsjteOV7poK_5ock-iXIWkmX11XYFAyiFz0eG5oDsBe_Vh6W3f8ysXsmYDiW0K6V4ameAnXE4RhHhpN21nDN_06NnFNx_P5gIzMypaMFBB2jz9SxNWCXh286BjRSVMvOvNlwwJBZGU2Ql_HLsMKBKSD611KAMTQV3oZfPgKB_BneYG_FjcAcenrWr3zQBndf7JmRhxpCTYfKo7vsefxRGXHaEvGcbYV9fmYBRDlOriNQTFwpQV4JftKtSyv8YI009hjAj4KpE_HBCag08dV2ZViM&sai=AMfl-YQVdHLxnH4eX2xLNJi4RcQZw1IoL8Q0ASunxXpqkL-QoLe-uEo6GCIjspEfVO-Zt5Y6lZE6SVUndSnVsbk1ETbGyaG6ppFbN0w93tdj8C9sCOi9Xmn27RVVEGtHYJG_&sig=Cg0ArKJSzPwGKaTGQQe5EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame F8E5 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id
3f7d01429283b1c48d5e74aa73778afd5ce74e14
date
Sat, 16 Apr 2022 21:42:38 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4589
x-cache
HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-mxp6920-MXP
last-modified
Tue, 18 Jan 2022 19:57:00 GMT
server
cloudflare
x-github-request-id
5174:5058:2F1643:308699:6254E44F
x-timer
S1650074169.351033,VS0,VE1
etag
"61e71b8c-3776c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KloYo5f0uDjIhbxmBl%2BlRw4u3qUFrh4eg2UY7UcIMi81KS3m3SHBmQwE85jvVu5PfFKSJ70MqgPTdIIdfn%2FDnKmDtx3c2csphlPkRznQ6NKgZiDQUUAh1TL%2Fh66ntR%2B0vnqezVc"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6fd017895afc3763-MXP
x-proxy-cache
HIT
expires
Tue, 12 Apr 2022 02:40:08 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame F8E5 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290743
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262440
x-served-by
cache-fra19128-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEvHGWzJFDkbPxUL%2FVMnpinHZ3USr0huig4ciuZFkPBe4Aa%2Fhy68AUzDHJkrM%2FlV%2FDclCxux94Q5Wz4S%2BkZ0mRhUBByyl7Zfc5KCJpBdELIUE3rX9gH%2FCtgD1KSfzEo4KjLg0xzm4oNT%2BuvEd6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
6fd017893b6c0215-ZRH
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame F8E5 		26 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1650145359877&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=757397de-f11c-47f7-9a29-37dd4aa4baf9&dtm=1650145359874&vp=300x250&ds=300x250&vid=1&sid=469e6768-6262-47dc-b544-8a2b67db884c&duid=7b5a167f-7ba1-4e5a-bff1-2a7288fdc416&fp=2521163034&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiOWEwNDc2ODEtMmYyOS00ODI5LWE3NjUtNDdiMGRhZDFlYjYzIiwiYmlkIjoiMmI3MWZhYTktMmQxYi00MmU0LWEwMGItMjU4MTg1OWYzMjM4IiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
803f4d8bdd865553f5d1adcf648572bf
function-execution-id
1i9wt38brvnu
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1551522435-a13afa10f103
images.unsplash.com/ Frame F8E5 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1551522435-a13afa10f103?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDI2fHxjYXIlMjBzYWxlc3xlbnwwfHx8fDE2NDk4Mjk3MzY&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ea7c517a779bac4568cd357ffa1237072d8a58020446b627c9daaf2db4791a42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 06:02:34 GMT
server
imgix
age
315604
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
dca79a0d9e2ba10fadae4971d8896899d3756ae5
accept-ranges
bytes
content-length
80361
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10061-SJC, cache-fra19137-FRA
c46eae19-eb4d-45a5-bcda-c853fb86c3bb
https://www.staradvertiser.com/ Frame 1D22 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/c46eae19-eb4d-45a5-bcda-c853fb86c3bb
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
00cf3fbc-a8c4-4490-ae37-128bd0596e31.jpeg
storage.googleapis.com/ownlocal-adforge-production/logos/600/ Frame 1F83 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-adforge-production/logos/600/00cf3fbc-a8c4-4490-ae37-128bd0596e31.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
895d3bc146a7f651363468ea05d05f5b9a8ef2149601cbb5f8145e4072bc07cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
age
0
x-guploader-uploadid
ADPycduNfODa6vG4Qnnjzb2OP9cVhzYnLlXHJTXNb8utdc8m5hX-E_iPngy9FEWPEGF_vfKmwm86OEnLl78CIKiSYEGFXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16813
last-modified
Mon, 07 Jun 2021 18:23:17 GMT
server
UploadServer
etag
"29ef8272b9a09c5a5eb300009f54c6d8"
x-goog-hash
crc32c=tVHmCA==, md5=Ke+CcrmgnFpeswAAn1TG2A==
x-goog-generation
1623090197866480
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
16813
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 16 Apr 2022 22:42:38 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 1F83 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id
3f7d01429283b1c48d5e74aa73778afd5ce74e14
date
Sat, 16 Apr 2022 21:42:38 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4589
x-cache
HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-mxp6920-MXP
last-modified
Tue, 18 Jan 2022 19:57:00 GMT
server
cloudflare
x-github-request-id
5174:5058:2F1643:308699:6254E44F
x-timer
S1650074169.351033,VS0,VE1
etag
"61e71b8c-3776c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD8m2DvVUQnWtO8Iadb5u%2BAwuglLQ2ZSbsSS0xIcRCMof3dzNuxEgJjSaQobSOQxeB5xP5s9kGhOJ0jgS3vMD7SkIo4dXGsHpjHCgm%2Fx2bbUySmsHJR5Sw85ebFyDHMVg2T%2BzPW7"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6fd01789bbc43763-MXP
x-proxy-cache
HIT
expires
Tue, 12 Apr 2022 02:40:08 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 1F83 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2290743
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262440
x-served-by
cache-fra19128-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioeE6%2FLwVZFzCSkcisHFFobqOXkGwNHFEjdGx5u4%2FUeaxH0Xtmc8be5d1X3%2Bqiy9up3vwwB3c70%2Fuk9joDXZyJ3L40tEln%2Fkb44bDF1SNRi6qwIXbGLuu5G6aq1ydmzIW62BMIfIl%2BLkYP34%2BjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
6fd01789abe80215-ZRH
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 1F83 		26 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1650145359949&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=757397de-f11c-47f7-9a29-37dd4aa4baf9&dtm=1650145359874&vp=300x250&ds=300x250&vid=1&sid=469e6768-6262-47dc-b544-8a2b67db884c&duid=7b5a167f-7ba1-4e5a-bff1-2a7288fdc416&fp=2521163034&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiOWEwNDc2ODEtMmYyOS00ODI5LWE3NjUtNDdiMGRhZDFlYjYzIiwiYmlkIjoiMmI3MWZhYTktMmQxYi00MmU0LWEwMGItMjU4MTg1OWYzMjM4IiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
db32bd90925ff572d0b0e2299b86f200
function-execution-id
ed9queglzd1b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
ed56f205-f028-478d-b62c-3322c98f86a3.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 1F83 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ed56f205-f028-478d-b62c-3322c98f86a3.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7c7ef0a2aecd032ddaf97323b10bd1b4ba42c6d367ab1be26a0287354d445e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
age
0
x-guploader-uploadid
ADPycdv_OVA1tl8cMH9zf9FR3EdiO_sXuaoD0enTbTZ3gPbxI4Y-yeSBCFOJleL87mlWDUa3rOtL4sskwm3KL4KiU7BFlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36860
last-modified
Mon, 11 Apr 2022 16:09:35 GMT
server
UploadServer
etag
"7304e42ebae826db26d54f5caa871948"
x-goog-hash
crc32c=5IhOzw==, md5=cwTkLrroJtsm1U9cqocZSA==
x-goog-generation
1649693375284026
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
36860
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 16 Apr 2022 22:42:38 GMT
e1119d2b-5973-42ef-b882-171f02f5b851
https://www.staradvertiser.com/ Frame 03DB 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/e1119d2b-5973-42ef-b882-171f02f5b851
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
f6d4ee98-248e-4534-b704-c9288a6ddc76
https://www.staradvertiser.com/ Frame A359 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/f6d4ee98-248e-4534-b704-c9288a6ddc76
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 1D22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGi8QNNEAS6HVRxLaIFmtFTwnn-PH9jHS4f5SEMFuY7BVciybwjtR1kzxQD_ooApryWb6WfmXEoQRKn9w5mDunfGtS3Tp28igOK4xmTplj8YO1PWkYNy7i0vLr1t7gwUSfLcDb13rfRnzHl-xyAuMbnRbda9eGibKWEnEta-nvJ6YGrZZmxQaYtht8CRxTxSeO4Wc-EByMfu_CsWaF3GvJU4IQyoOmfK9QqxLtQd84PyGgDnqbaTBq0EIhE1YIWPP3tS5UYoRUWJ3aN8O_F9KJURMe2p9lR_OroMQ_FWtmEaScINFJ1TcOitYYV8vaUO_lEvdofkHdatdfSeLJJFE6NXl0&sai=AMfl-YRvQIOW3PJf5Zgi06u_CwnREVlt2xJKs7q3mPAZOt0xyFlC9ghicjG1HnHod8oRgaIDRTLyNC7XvzLHO2p-RUkFgG65KGlEx8YC2zNseRcyg26ouDUVxmCzO-FReqPe&sig=Cg0ArKJSzOUKxq8YihpZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:38 GMT
truncated
/ Frame 1D22 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0194dc312854a0f4ddc77818b38a1f0f7b430f6ad82bad206d980c1b30029d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 03DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3UTQiTlOktvsEuSAFEpXoAwMefMPpZpHUGA3xns74DHb_y27vG-_-q7KV0wpUimjhDA-4z7LeQfJrwn3uZU1GJEr3nzph20YbXScuFzPaLFZTpbLz9mgX1lDhRTsd1V0pxMRjOwg2dtP6JoRWmq3TQa2vOVrexCPrKs1HzctYcAL34-VgFJX2b0ZGM7g92rPBp55CK5mHwaZFZ4z1tJg42e_hjkDoILXNNNQC6-1dNjTKJQ_qb38XGX0lN1mJIwDpl7Ztibm7i4Ihaa9vpzERST4PXUqd0eBC65tA6CqiyhsYAa0xh_0xcKZLGslmx0cOj0935NZyUTu9NwTlDjs9LqxKAA&sai=AMfl-YS_0o6tXaTeo2lE3khjWF3pq14TtaDpzF61mtBz3TL998d6kx5DLD3k6CXET2n-qdfUBh_9jhqn_bEvRGLlRGVEzuqMZcmyvytrQgJl2w&sig=Cg0ArKJSzJkfTV5ULhQ4EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:38 GMT
truncated
/ Frame 03DB 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77f378bc163a45dc3f65af85346244c0d0030d7532722ee4e7818a8ba7c422c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BD4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0482 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0731 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4276
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
HLwnpDpgOuKQ1v_q1Euu-Dc5AlC47A49yby2HtyPk39UxScwrIb5dQ==
484733686292370079
tpc.googlesyndication.com/simgad/ Frame 0731 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/484733686292370079
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5c7080e57de1a64510b3df64dc038d8a969431f5e72710e532d0fdd748b8c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 09:48:35 GMT
x-content-type-options
nosniff
age
388443
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68669
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 20:03:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Apr 2023 09:48:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 0731 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0731 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0731 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:38 GMT
l
www.google.com/ads/measurement/ Frame 0731 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJZj9ctmlKJmr7shBATqxOfFbWJ9fai_W3gLVbbUC4ZYWjXu0OFCrOG8-3OvwE2JBzADJU
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C1A2 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4276
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
-UxAG0opaMLWmZ20dtcszqmMmOYCOvjlLXxMLqMjM8FGD2cua4-OYQ==
478516687038640500
tpc.googlesyndication.com/simgad/ Frame C1A2 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/478516687038640500
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf28d4f0589f80181977ac327a3e616abfcf74aaaa560e5bd39d818c344d6a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 00:22:14 GMT
x-content-type-options
nosniff
age
336024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34991
x-xss-protection
0
last-modified
Tue, 06 Mar 2018 02:40:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Apr 2023 00:22:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame C1A2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C1A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1A2 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:38 GMT
l
www.google.com/ads/measurement/ Frame C1A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVx6qKzPH-HqULzlTNWBNt50c3Wn0Rsy-YibULOsuwKjrMTrmdsRM3KBQuIsXxuaWIPjIE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 53D9 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4276
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
WlvtyY8aKkYFTWW-Dx5n9PfjpTlvo_9wcBs_LsHwbWQAmDWqnBdvGg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 53D9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:38 GMT
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2DBD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 63AE 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
198158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Apr 2023 14:40:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 63AE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
198158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Apr 2023 14:40:01 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 63AE 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
198158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Apr 2023 14:40:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 63AE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
198158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Apr 2023 14:40:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 63AE 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
198158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Apr 2023 14:40:01 GMT
truncated
/ Frame 63AE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f56f9a5f89b86e6c6630e625175b4baddacde8bc050edee50cea4e4a234debfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame DDA4 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4276
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
bMvWB_XrSvMtmRqQM1KxjgvfXHbTXo2XUxxvhdN8Q3PmqUiHC0mQZQ==
16881892739405363684
tpc.googlesyndication.com/simgad/ Frame DDA4 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16881892739405363684
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8039f12fcbafa84db3de9a264922b585f5edf1280e958cdf5f0f227657aa482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:18:00 GMT
x-content-type-options
nosniff
age
545078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77395
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 19:51:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 10 Apr 2023 14:18:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame DDA4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame DDA4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDA4 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:38 GMT
l
www.google.com/ads/measurement/ Frame DDA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-0-dCTa_FDHb-iuyrOlsbN42EYMSHiANZZD0rbHLgwFz3TpZadiCCIK3Wd3UxNVMx2XWx
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame AA86 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4276
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
CjgJwWWDuxxV16COORcsFxQBTxR3a_vW2LITxvK-cVLJ9ZNa3I6Kyw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA86 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:39 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 08DC 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4277
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Y7K8lrD-A8pkYv3y_rJbyWqVDCi33GwEqywOUvLWpjHkHGYxfFgjww==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 08DC 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:39 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2B2F 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4277
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
54aZs1iRNHgd5RVqvCK_X9JL_jBXnBOK9vTEIYdKZnWxTZnkKFozhA==
11936074607953690781
tpc.googlesyndication.com/simgad/ Frame 2B2F 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11936074607953690781
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b818c83cb699a992c6ed8b6946c577dd312fcadf5f5533a0e19c77c17932d04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 04:01:45 GMT
x-content-type-options
nosniff
age
63654
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41696
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 23:41:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Apr 2023 04:01:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 2B2F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2B2F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B2F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:39 GMT
l
www.google.com/ads/measurement/ Frame 2B2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGP-NRb9v5-oHaspYpIpirUHVXRgOljnnPtsqvcvMa3TSRA3h1UOXQoSfjRW_Q0OT88xyf
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
15621714226119638079
tpc.googlesyndication.com/daca_images/simgad/ Frame 63AE 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/15621714226119638079
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55f060786cba3bdedd138710eae2c771b44924e62cdedd9f79d65af8fa5049e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 05:55:37 GMT
x-content-type-options
nosniff
age
56822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60451
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 06:19:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Apr 2023 05:55:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 63AE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
43261
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 17 Apr 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 63AE 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
42574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 17 Apr 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 63AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs7UtbZMG7V_MORIOkcok0QrHQoPDhDhIhCpLV8RvIRuO2kjZWFc5zNb3ZcFX_PITsOHUk
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 63AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYqzxTThbYrzMMNKRrAT8z56IDbrWl4torPq76OkPxJn6g7YJEAEguY6QH2CV4rCCuAegAZyv-6gCyAEC4AIAqAMByAMIqgSTAk_Q-cZZrQx0aafYK4toKfAKtSb-DxfQmjj4MqHa5TA_hqPWbGlO7aWdxbMTAaM003MVVy_7dNA6KN_rRi84niCfAUmHWW-78Vnhk_0Ssqx-uvhPYe18ZZ08SSnKO-XoZeZ3mqSM8g2plqEVu_Mz3w_hsFyYCHMUGO2nC7VP6kUcbtQ4WE4axEqsYY1EIs4SdlM0-fvO7fUhOaHYMSp_VslKjqhq7wY2B14I4AljrGhQutuCxLfdnl04LCVADSln4fUqbB3IRhwV7xpAPL7Ur49q1NLhtWOAOWaIDWeQB4SayQwcG0u_P6aimT9pWiLFtLJdvFIhguKWWTkNF45n2gyeREWlgPg_u1St7cBb29hAQzLBwATYpNPz-APgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDWpgHSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=qyVZH8LYSKc&uach_m=[UACH]
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ Frame 4A0C 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:39 GMT
Content-Encoding
gzip
Age
588
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1650145359.230932,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1563
view
securepubads.g.doubleclick.net/pcs/ Frame A359 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBmy5xHxGHjf3gnruQqUlB7dMCoI0RBGxUlvzh1b0iKdyagmV7W1i0CWDzpr_2dxwUvnSrf-luTkiRlm-J0BriYnmnnPrqj2MTBTkQjaG_IpqD_QWckLMdY2iVdZb5Sb8kxjeEyoj9ZrceRjE6cOc8hBf73m5tvFQ4nrWEl8vYgJWwIHPx-xX7k9iqewokIZKIeE62PQckugbJI0HZfhsw_CM_5AOo374AUdw4ufXf9yi_6I2g42uCuj8CygMEl9bpbiQtAoZEsEENxiJjIT5qNf1kT2iX4CkHQIs2CvZSOgfDRWB9qk3eWe_VUiotj4jreqKxKvtNaAB2H-Na_EEeh2aMOg&sai=AMfl-YQbiC6MSHla-kNfNZ2UlVP-DyYr-jDAAPQcn-Ipgvkv28LW9V1AANRQYtkV3cfnGYv1uhHWEsDMwVty8UJPNUTGTPmqX96zAYZkeKvBK7ON9raOu4t6vzJReuthk2m3&sig=Cg0ArKJSzLhU852LNBYKEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:39 GMT
truncated
/ Frame A359 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8667745a535706a55615dc0710779cd8eeb157cd5bae8f8d470b589409c032ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73cddacb83514c983884c3ee8ac4e43390449e1d0c3d8044983556bdccd658fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39554
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 16 Apr 2022 21:42:39 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame C2C6 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:10:13 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
age
12745
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
agNGuJInZuwuTY4lR91CEaG4NTbKcXw6CL91Azjg38O9jkFtW4k3vQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame C2C6 		23 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=MtvtlV4097YZQ&cb=0&ws=728x90&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%2267473%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=1&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
FZJ7XRTEGBTVTP7BRXCV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
LBjty2wXXwGXk2v1azQ9Gyjtq_S2-_BnOlrmb2B4cJf7mhmE1mDKjg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C2C6 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame AE9B 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
X-YouTube-Client-Version
1.20220413.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt1Qm0xamJtemJ3ZyjL8OySBg%3D%3D
X-YouTube-Ad-Signals
dt=1650145357639&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C299%2C168&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 16 Apr 2022 21:42:39 GMT
photo-1551522435-a13afa10f103
images.unsplash.com/ Frame F8E5 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1551522435-a13afa10f103?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDI2fHxjYXIlMjBzYWxlc3xlbnwwfHx8fDE2NDk4Mjk3MzY&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ea7c517a779bac4568cd357ffa1237072d8a58020446b627c9daaf2db4791a42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 06:02:34 GMT
server
imgix
age
315605
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
dca79a0d9e2ba10fadae4971d8896899d3756ae5
accept-ranges
bytes
content-length
80361
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10061-SJC, cache-fra19137-FRA
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame DDA4 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=922590
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSZsHZAlumOH3wzar%2Fp%2BkEl%2BVmq4kVlkPPZD4eEcbLeHyJLtDTKusclZ8a4aOu6oyjO0r5xKr1bxcx0Q0eAG5%2FPyEavZ4hS1BY9EGpuOkzx2al7StH6BrfVBYP7sr7bYhlpHrxP2HoCPrmmxXJ6Yavlezw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01791cd3859b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-djlI5TOHhawC1kfh
view
securepubads.g.doubleclick.net/pcs/ Frame DDA4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOUJtxVQzNQA3ZxPv_6xRTwLjdC7Inoj0ZTp7z6oycDg9aWmnbEcsDuBVnW2WmW_Y-UmG5nwhoFgExbs-mNookvJlz75dNzrf7bbF1jzDWiNbmKQQv-UBRYuOcYBQNTGX5Fg9LAPJaIll3p2f8GurcCmVTiqx0_Ljqgi4VVWWy3_Y0x4iDkaG5YT92TW7-6aXqNoUNmE8UAQVkZe6ubdDMGLm2NDmgoKaGqIRLHYsax2o2mRRxd-etUQXEo46JnsbYTkMUxlsxn6ljgTa_1kOH7YLzauw4hmBqOyx6HbOcT6dU73CLCRsth-2DZYqzn0jkjWihCQ&sai=AMfl-YRzcnDdbjK_Ip4j5tkhTbHT-KBjMaW0j_ogcJKYiTIBoah38TnuHazMRBgttEkPpEREL9PCmeuybwTNFrm5NhbV7lproW_8SpSRoN3iRg&sig=Cg0ArKJSzI7HcjG-H6RgEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame AA86 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=199184
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpKwBZ1PN3j9ZSfYgfO1g2yqxu8Wzc2WXLiH%2BowpLBcJ8wZfP%2F7Uz8zcIZ8E7Ac9WFHezcbYkW2hQmnZaRqKU36vVb6pI1alejUSeRsZkY4%2BLbfU06KoaqGxvOPBxf91yzwtGOtEAr%2F8xCF9uNlBtm9g3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017920e0359b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dju7WOUex7IC1rUB
view
securepubads.g.doubleclick.net/pcs/ Frame AA86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJANy0cZ_USzipz4La7_mgsEUZDPR3wHmeS390Y5LhdYo_dS4Y1OWWqE8KaFUn03e8ExaKO0MhiZV_MVVQqf7LkBxDGSCpYzswitsemLbEVv2iNETEi8E0__yz1WLdY9KFCpNovSLVaCmO-CUeddZl5RAx2k9O2Khtca27Vo66UjZMYs0i3DJx9wmKb_htS4_YrtN9N7cAHnrCt47LF1kLQfx2u39HN__UtP-FUwKSRTYd45CHfBhtGtTs_3_7TMgQYrDmND6LebMlG1Wq8uOIB5daS0tXn2DQ0AxZlejArLpV4tCfrZkaBpB8p5cCt_-yd4G5Qg&sai=AMfl-YSNg0n7qryqPlQf8u2QXvPCNLCoX7PdFLr-E2BDcwOJGuUNNbD1LrN-oL2_hcbzP_108WsdP9lmrPqupL8pQ7HI-bpObSNmsXvzA7yw_g&sig=Cg0ArKJSzOunQcY0pOWqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
zone
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame AA86 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_21970536&pid=0&fr=400&frlm=1&random=21970536&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssGVsMmJxNQf-EOyWajvoCOPUwX_T096jhe1FbEFi8cyyU4fyD2U62SJEgu0nO1sR1E9oNpA1-FxK6doL0hFXWWnbR58-aOltFU1WLCqq8x2w9td57G6okHGkr3_qY8p1lwXiqKjXJofYngVa7-3PisoKnQG_hXrGZOT8ycXEEnYx0QzMtOq176HcCC0Jh3iK_MPzlP50NWSTLywuSnUaDdzt6zm9qukoyhIQNwBKFQyUz1_K8DK0XOQTeP59J69uXkj_Stgtye00jXG-0W1sNXeW--MP_vf8nBYn7BEN8TOWeJJXUcfDWjIVtLE1sR8iFiKQ&sai=AMfl-YQSyOAT_3dm5_USLRgSC6vNDfPqSHP7rQbV348PquFkLBmDAiQ-VAkqRgnUsCE35hmGjFUUdX_qohNVuOuVVWSNF8c5tJGvuIN5BVLgXA&sig=Cg0ArKJSzPr1uQdbI1xgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.255.62.202 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ed56f205-f028-478d-b62c-3322c98f86a3.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 1F83 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ed56f205-f028-478d-b62c-3322c98f86a3.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7c7ef0a2aecd032ddaf97323b10bd1b4ba42c6d367ab1be26a0287354d445e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:38 GMT
age
1
x-guploader-uploadid
ADPycdv_OVA1tl8cMH9zf9FR3EdiO_sXuaoD0enTbTZ3gPbxI4Y-yeSBCFOJleL87mlWDUa3rOtL4sskwm3KL4KiU7BFlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36860
last-modified
Mon, 11 Apr 2022 16:09:35 GMT
server
UploadServer
etag
"7304e42ebae826db26d54f5caa871948"
x-goog-hash
crc32c=5IhOzw==, md5=cwTkLrroJtsm1U9cqocZSA==
x-goog-generation
1649693375284026
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
36860
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 16 Apr 2022 22:42:38 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 08DC 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=746518
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MWeqRwfnlKfNncbAVF67hjx6XkhYcoWrr7EunOQqL7USSUZMDgEwO1WQSjPXxhxQ%2FwzQzY2fP%2FwRzDoRD%2BzgRZxS4Ff3AFUrsYWihgMltFZweLcJA1BVEqOpVsaq8g2azdfeOkori6wxRWMZzLavdBf4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017923e8859b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dj2vilaZRskCwXTx
view
securepubads.g.doubleclick.net/pcs/ Frame 08DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK7tLWKO9ioq6xulDFinMoGvMaS0f6Xo_OO5Was-EGFkbX_bfKGn1L74XKMlq6qHNu_0z38ttTAfYxtV1B4YcAT9DMsiWzg5j9EzYPpyNtCQkbIsYCKPe0Vx_xskV1uD5TFRaxxy2dlQ7iFdNXMZFXjf3ZOOynV8PdgHMYeGdVc6UbnBwqhA_tRFIAkQkUoUcnJtNW1z4Pd95PeWQUImgkZc8EUbuj0Ikp-TsTqkBojwxNrtfjbGbWlJo3GwusjrEI2Br65scU6TABstScxrqe-k5sVh-LL2h2YMK9cAqV2TZoriXyIGHM5CUTgypul525R4aluw&sai=AMfl-YQ_QmzcQwCelUHWT_6Es73hVt_2giI0qNwmbPDW02fOrqXlUac8QXtxK27N-Wpm5t1X0qKWc9_1AnbJAshEv7VtrCG7_9fdxP4EM4B66Q&sig=Cg0ArKJSzNYt7mWZyoOwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 08DC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
922f3471c635c696de732da18714c1f54e6def0d1c6c8179adb3c5993e3f8695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
K0rbuNHvJy.S8hETn7wudBCfDTGVZxUh
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:46:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
etag
W/"08625d65200494d57f6ddcf1419e4cba"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sat, 16 Apr 2022 21:42:41 GMT
x-amz-cf-id
T-IXs6OPCMW9r0iHhozceFNJPDfyx8rWH_6HCAZg92kKvEZUHB842A==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 2B2F 		0
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=197881
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FTR1pCHWXRgI41Cizy3RcUKTX3Wt5OJBCxnffl4NaMfUxSHzrBh7JNsG6MEvK8vf5oLIlL%2FaKaXlWOsW16Jz8iFoMUcyAAWMk4Bh%2FBDc4UQQIysYvrlNDFX6H3IqjEgKLWS0OupAKkN%2FoMLG3oh7ezivw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017926ee759b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dj84nhP6UuwCG-pS
view
securepubads.g.doubleclick.net/pcs/ Frame 2B2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzPvpAN_XHXSEHskimwT3r4p01mRPhFula-g-3YFq4iv8Uo76mdlQYXodLy0m3B513QwB1T3En7kF33VZyG8qDA1seVszPJyWqwte6mt3KfYX0B3bR6xfP7TlUeMRCM--_9qIhr8iOnSOV8InnIb-u2mfXkDKJIOkepYo35PSSfeZcOld5fNtdDBoHjCsGhvEG8wzLO-GfBf8c5nhrQzyIfB8i33hh1BGIKumdAAkC4-hVPwVkgj7KBIFl4tceTtxlLuh-4u57emmpIvu7yc57HLFswaFwJCxba6V5zywLLTLRGceD2lUjOIp7FCbKPxcs0XQ5ir6nJA&sai=AMfl-YSoFXUPTxHpWC9-wbvRAtQJQNNKH4wzGveORsYIoOYQzBB75sUrsb2tjL8RV54ufr4upOJqNlPMw_P0TJsZSa9OplC2bBsQMAsslQHQyw&sig=Cg0ArKJSzKtppU7vk2_aEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 3BD4 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 20:08:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:39 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3BD4 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4277
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
DcKAIdglGw8UIc8Dc_CWfrVSLOwmeGCf1jjBXOr9s2FKyIpNNf-_yg==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3BD4 		2 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:15:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:15:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 3BD4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3BD4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BD4 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3BD4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
l
www.google.com/ads/measurement/ Frame 3BD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIlaVQ-CDv0gFLNL_bhQdt3_5AD1WYrm4aBfBL8CKt46RDNp9_UTOxoBcKsgKE4MHGLHB0
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
fb084ba56019ecef1e967c41e75d05fd.js
www.gstatic.com/mysidia/ Frame 3BD4 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 14:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11996
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 00:43:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 14:53:37 GMT
css
fonts.googleapis.com/ Frame 0482 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 21:21:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:39 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0482 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4277
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
syTHDUjQPK78wYZdqZL9eHLGa_oNGOnoUrMTKapGK5UVuf_tnhnX9Q==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0482 		2 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:15:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:15:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 0482 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:41:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0482 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0482 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0482 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
l
www.google.com/ads/measurement/ Frame 0482 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToB_xV7L2Xa5GRKuTxXvgQo54YxjOuPaw3ET-hzEHU6WSrrv3TR5CObFj2N2xnBbflkD9U
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
fb084ba56019ecef1e967c41e75d05fd.js
www.gstatic.com/mysidia/ Frame 0482 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 14:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11996
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 00:43:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 14:53:37 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 0731 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=681946
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCGlm0jYaHil7tjBOBe9KwVNfoLvfIQepEVrGY1Jdp9VX1GPa1OiQKK15hpwTsDBChB3%2F1wjvKSHItlUcMJTykElQBp7DmwmRdaZPoMhW1o2DFwJne%2FGq3C6mb3B0hnjV287SIPYsqgvTsGIqtDBgarmxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01793597e59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dkhoGZAjEgEBGfui
view
securepubads.g.doubleclick.net/pcs/ Frame 0731 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudbsq_HYKPPibgfgrL6Mylfn7sYo7jSyjGvXv2fIuRzwh90RUfR172gZEWSWBIEsYFYKQo973TLQvr06qf626IBgn1f5TohaIywOPINGAkBK64terfZwZ3uFu8nsNpo6v667ebRONpOM4PNdMCUii36yXJUV6RXqctYeHEg4sHV_fa_K-w8i8kWGMqfrrSh0cnt9rcRa90Zz2J0o7sVJgIYx051qObygZPYcD7wPs-eheF8SV18uoAdd6NFJW0IqaKnkwPy3utWDCGyDXle-4AAX-K0TzXf8q8bLFVTSAVaYzafGG6NT71cd67Xz_Pfu8&sai=AMfl-YQE2R6bMojnZfjZdIKNje75cZDh1vWm_W_aKeEQStVZqZLmCSp7J0jGKWsQWUPGoGO22hiHb7tlhfdGbFCpJ92s0dTNB_9LlAU40UtKsw&sig=Cg0ArKJSzP8DVkvSV5inEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2DBD 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4277
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
FwZWQINQueRZwHWx7oJJpjbIozWiMo8-QhcsUGpRhXDNVmGKrx0eNw==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2DBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2DBD 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2DBD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
l
www.google.com/ads/measurement/ Frame 2DBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTO6tDsocWhn-hkqM5NJR5qCb3lBuLxCFq_j8QzGN2Bxd36p02c0Hlql7wXsIvAfIOaUeMO
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2DBD 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 08:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 08:15:07 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame C1A2 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=580327
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BHbGm%2B8e%2BLiwBDqT13StjbjNuJz%2BQGqniT9qph27xyg1dQ0rEQhsAWV1Hh14BMiCCvdqcdFarkFBAXJrQYCFJizjE9WjW0fir5hTq%2F1bXXjo3TIkbnxqVsDTi83kOEAe9BLIQYNDTRxpZDSe93fYrQzhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01793ba4b59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dkvrMf2GYmUC1rZR
view
securepubads.g.doubleclick.net/pcs/ Frame C1A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgN3wHRNcQmc3hjxHsyKmsdgyhFsFMfXOhqkiWf81drS-E1qYuW4EvByVyznMXvcE4x2QiPdm78m76PR2EZ8-ghIPGLo0JFcTcvV3xOiZLDZOmJhso8nhY4OqOdru125m-7LIhzkIm1qsBLMunqDcWVvKU9tpp9smgVB0ipIACrYlQi3LPFlUU4g-tyKEENo7A8et_zYrGB9P5O7-pDxW5GaXTSgu9VaxYS7a2nvv01Fc8fMQ9jYiKJbiVgTLSx0tgaYn4bB3SAyWg6t-rHaAA2vnmT-f3oJZsxF5yPxPkm_W9qhcUFaM8PQGkQ7tOon8a7gsm4Q&sai=AMfl-YQbl95a6Q73TucXTwmVOYn83jxNIqV2gFHc1hIAtq6KOFSbcBsEU8ONONAgoVmRhs7ehSgKINYaZaCAQ-JlVH4zozzRcno1OQddRiJArg&sig=Cg0ArKJSzItX0n-kKK5WEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 53D9 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=351631
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhn6fGbfk9cXZqGwETAaeuc4cEjc855p2HjJ%2BGeaegjKtxsNqOzAoczgwy8Xg21TDgnUvgS87Y3FxjzwTnmIIzvIAFh8fWsEwyFl01Ph8bmRG48ZmD%2F%2BaMItY%2BYK8o9WPDeUdxMVSZ%2FmdCen0vKPmngY7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01793eae759b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dk2yLAG_swYCtUoB
view
securepubads.g.doubleclick.net/pcs/ Frame 53D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw7-9jW4xAGbMS74zdggFeObSWB-5pvqFS_FJpMiYHvaARRFtR3gOPgq3pO-gcImbBsmmSgwEiC1e8rn8sDbhVdx2c_bNgVeA7XzPc1nMGUrGzW3zqCJVGPLcd0da72EnZhGwhVEGFSfOUSV7NnrML1-KHVrlSI_KiiW2BlCBw4_6x5bj6esuPsbMezXGTGUZGZkbXuE6Hpl3wrc52Oz_Rdi6fJqloeYbBi4GTyrlX0HJnRP8kxZm-6I0BADV7littfyJodSDtiZ2QlTXbnOb4rZIArrUd5wVcgou4N0Q9V3CMPFNUHtFyEhV52v63UMCQgjnI&sai=AMfl-YTR6F4V8B8flgVtTR0QkMMvXhYg7QuSTNTgIt87cQjyYxiADqvY94ehglyN7vxWNf1OCMlppm_Cxp3Q2zBMA7DcFxDMU-5eT5XMDMo1kg&sig=Cg0ArKJSzHmkySF_2PKAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 53D9 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
922f3471c635c696de732da18714c1f54e6def0d1c6c8179adb3c5993e3f8695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
K0rbuNHvJy.S8hETn7wudBCfDTGVZxUh
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:46:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
etag
W/"08625d65200494d57f6ddcf1419e4cba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sat, 16 Apr 2022 21:42:41 GMT
x-amz-cf-id
30gH7EzDVqSDO3Lnl_xMtE6S-aeT3IfLi3L4h7EpXcl16Dji5hjE_Q==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 42A9 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4277
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
gq26kp5US9ELmCtjU_7nKxboST5IzkZKQmKFlaXjEfK2myhibGloOA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 42A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42A9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 42A9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
l
www.google.com/ads/measurement/ Frame 42A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQF1UTv6zul-qWwzkykzfGsBkcdedMZv4TSJrNF3TyS_MKbDklkitNcB-Ta0yUbeOOqiW4q
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 42A9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 08:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 08:15:07 GMT
a6b197f8-4bbf-4700-8b40-b6c77cba7e3f
https://www.staradvertiser.com/ Frame DDA4 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/a6b197f8-4bbf-4700-8b40-b6c77cba7e3f
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
d1410ce2-1486-4e7d-91db-1b616ae06b4d
https://www.staradvertiser.com/ Frame AA86 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/d1410ce2-1486-4e7d-91db-1b616ae06b4d
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
40052ec9-2649-4346-b974-623c3b9afc9e
https://www.staradvertiser.com/ Frame 08DC 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/40052ec9-2649-4346-b974-623c3b9afc9e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
7c34d51c-17a1-40f2-a6c3-001d3cef1a86
https://www.staradvertiser.com/ Frame 2B2F 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/7c34d51c-17a1-40f2-a6c3-001d3cef1a86
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3B0E 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4278
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
FoNyfFY6cDBobAGzXv3oEbg3tfpCnqSvbcBQ-xeysL98dXc6qVUotw==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3B0E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B0E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3B0E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
l
www.google.com/ads/measurement/ Frame 3B0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqutjA6kMGabo6yCoHjygNrejw7fMn4QQ-AvenzkIxgkYXSRBNijLgVHwgci94rnB6LwEi
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3B0E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 08:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 08:15:07 GMT
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 1F83 		26 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1650145361727&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=b918a224-b6b3-4b35-acb3-558b71c7c740&dtm=1650145359948&vp=300x250&ds=300x250&vid=1&sid=469e6768-6262-47dc-b544-8a2b67db884c&duid=7b5a167f-7ba1-4e5a-bff1-2a7288fdc416&fp=2521163034&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiMzI4ZDY3NTAtOThhMy00ZDQ2LWI1NmItOTRmZDNjNmJjYTVlIiwiYmlkIjoiOTFkODhjNDYtZTVmYi00MjBmLWE1YmUtMjMwYmIwODc0MTYxIiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e459e7fdb403ecc9c7eae88314fa6745
function-execution-id
1fkl8l785tka
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
view
securepubads.g.doubleclick.net/pcs/ Frame 0731 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ9ealWWr8w_rGfV_QNfrFT9xwzZBu2OfnwPhBVNvSmx9WUZb-o6cGaAtS8Oxr09eap7goJ1jd5_JXjKc9QdF8PtnZJkCVZSfJUILWjzGZC8MC29JaFwcdCm5pK1fnmC0cC9sZkPTI9rjKvIe7i9y7PhCzlbkhZLsoW9RrbJn1SeCabnpGlGfc4W5LIzSPHA9L8XZEqzSjbAVmnRR-RkgUWtWFqNlWmNSQeppBR1eX7qiQssnTyZyp8J-1zGNu2OTnElXn-kC7wTLlYmiEwq0XXCuMkOr3CwWPhuERuyER-ptnbMyfmyHa-nN647Hthk8vOA&sai=AMfl-YROhxv9yhh0oJVrIJvwIXC2GghPSsxeUcqGigvzosO2dABPHBzhisELMhoVqYvXmFhrs_ZY7CNEAnCZiOk5gPace18PHjEdzfeGeOOLvw&sig=Cg0ArKJSzGGesWs4bbaNEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:40 GMT
truncated
/ Frame 0731 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcf659710071e7b9fc2e9687ccac9e53a69c63068acbce0013c9ffe351a05026

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C1A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue-PGx3-XJY0boc6d4-4nM7EjAVu_7Eed_e7y-JoOqg3neVP1g9SD0sCfI1LMKma5oJVQV4iwBrMpYer6kdbsgAeFPy8EOOHq3_qiX5nyDRKzQyuPe-9h9t6VEKzyRMY2y_ZeLlyJZOLK3ppfQO0UGRvyfgEH96j7GPGp1-QZRjhKAaPAprTbcVJy_lLigUdVIgNjZ9wNApUOReU9U86FzIa4eGq9kUd8R4n2ftkJ9LsgfBsUWAGTXPw5Uor7q_0G6s1XE-DBbf1dZ0YhEKr3MxAE9g3BMZvZDx-jC7Miu7aTLXP48HJdZq_kRCHW507aCQWjg26Ma&sai=AMfl-YTMzS5YV51Q4lxDmD12Js2hJEuKqtBNgFQHRozytaZTZP-X-l54HSM36ngs_nL-YBSb1CrEHKIu3rmqr5RwraldR-pcwRU5zWSuE2v-hg&sig=Cg0ArKJSzH4H4-IbXnnfEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:40 GMT
truncated
/ Frame C1A2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72fc76a489952ea8ad70eb417fc0803fbea5ce5af036ac979d45dcb3ef3dd849

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
6fba2507-40b9-4a2c-8ee8-88fe450b8855
https://www.staradvertiser.com/ Frame 0731 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/6fba2507-40b9-4a2c-8ee8-88fe450b8855
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame 53D9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52992adaeb6b6780d8b514544418661d12d97d58c62127608de7f431c10aee19

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
11bd2f91-4724-4d73-a010-7fc8e13e00e8
https://www.staradvertiser.com/ Frame C1A2 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/11bd2f91-4724-4d73-a010-7fc8e13e00e8
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
2750e55b-98ba-49c2-8ba2-cd6735416500
https://www.staradvertiser.com/ Frame 53D9 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/2750e55b-98ba-49c2-8ba2-cd6735416500
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame AA86 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afbb0b0469da4b0016476de18cad1eec612610fe81d12d7f5704e9c7c3a0cb7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DDA4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOea26opUPy3_Q5zvmdNBFJYTS5tk-e4daWTgCTTFJ7gVhopz6PAv0Mej1SLlhH8IBzRSyGQqqEWsMI9Me47ag9vjVTQFbO1FIzvOYAqdVysWg7QhU_5bQOES9rR-MWp7jOz_vSBoi5GnYrIYD1FMGPuO-adnEFGrpqO_UNm0cKLktnD7udEadZKErV0fBpdNI-X4hwRYrMUhbXc2TzuevQKWf3y5yiX1UGAU7UG4EjxdlVXqCLqEZpTVYUafpyWUY6JR6qM0dOc8HkIvkCoTEUwcf_PTB0Kx3VidUYmxEfuoxdohcf4mXwPdkE3947lLlQyxjdXNm&sai=AMfl-YToKD3fT2AM37xMPTOuANvXOI8Ze2ugNz16cIl_7hZlz5D29UQVQQlC9H21UMUGzeaP2vUV_9M21TGdUeMwP6F_Ec66W03xXpAOJ6AQMw&sig=Cg0ArKJSzLK1f2LmyHkQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:40 GMT
truncated
/ Frame DDA4 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ec9ef970365aa411100cb557249ba0e53b19467584a913ad5dd4818d08b96d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 08DC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b99156a25ed2ba93d8fe9c37cb499b2b44b6f2ac57be2c3bd3add651b995e50

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame C2C6 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2B2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuebvzNGG5yeuhnOiK-u_wUowgbo2VS1PpevgsVEPe0DhTy8Ar84IdSSVh_EFt8JKlaymVZzDLkCk3DTgC1PRi4X8O7EXgXisgOtLKGzZAVS2Q5PWRl_gKoqY6K3I_tG6pi-XEeb6PMVppEgpELgzNt5GEClbeIhkFEeYa2N8evwT47hDNfSGFUIXd-AQpmIeKqdLbWAgIMlQB0Xe8y0Vbxu0M6mz8nGPzOr55hl87Lgb-IDneu0sopQEtublpRPpQf-2RgSeGggbj25qkT-Y-hKhgmR_YrL8ywUeA4seURyszLoEX9TnjlASvalUJEn6iCm50Hpg_aQhhQ&sai=AMfl-YRX_vpyH61kPU3pHg3vYmQOHSM8ZgMzOrWhPkmdH2aIOXYTavGWN-zp62_OVPtOrKAOIOm0-719lxpIki7JAClI90HQfH4xWINLgz_ANw&sig=Cg0ArKJSzO-UDu3BSQgxEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:40 GMT
truncated
/ Frame 2B2F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
285ba0faf37195c99cf20e24e587c3fb58d083e80df6870cd0903df85e48b495

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 63AE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Sat, 16 Apr 2022 21:42:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
9634c0f74e9ae93ba8902d8c43d251b628dc6577b86ff6b9e265cedd3517f28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28554
x-xss-protection
0
server
sffe
etag
"1189 / 875 of 1000 / last-modified: 1650060514"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Apr 2022 21:42:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AA86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukKRGdcdGlZQLGJ6sjXSCo_fz8Mrk0l1Pd4Nf0IFRfznWKu__uX6rFe1y-nBy2ExXTkDBIy535TQfHQJk3ePf3lZcuwj6NIiilFi_tg2bqjfnP8i2_CwZMjagTn5e7Xjyx29gNX3igmTWsecW_r8oWZaTFPcotMiEK-JfQftzBMl2T_OKx0NHoxat9HO1Dcv1gYvfgD9ukNDedZKf0xgm8EUmdmqnkGkMtPyVKnNtuvPPU1diWQHPMZ5LUaVWPJ3uZk70bJ-Q6B9cQUqDFWl-Hv2VBS0K_FQTcA2VgZjc5Qdaj7XF8xDdO5122nciOW-ggJqz4AMCj&sai=AMfl-YTD3W4Yflyx6XQ9WK1m3iD0elVtdy6jKoO7RR7XB7ZeSkQsJUzH4CHm03LiUZykLacPsRT41Pd5EnSNUcu9S_iFHAra13LSyCPfwrKsyA&sig=Cg0ArKJSzF_7lintJhSYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:40 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 3BD4 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1085371
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOCuGjdt9PspBmzBruzD7%2BZKaqlBZ5HPS1WY4qXlZxEV9GELPAyW70mMW6eCF3rYlltDl%2Fu2s1USGNv5uV5tGmPkxR1fBRuqacVhERyhgprXZRISPQB3AK%2FyarfZ0WGA%2FM9KB3dZFwW4414VdHDkVSy6QA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01796fa3659b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dmrLx4re5moBQMtC
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 0482 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=453858
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b2v6fnzM2WdH%2FWXkboirycp9LXCoeHHNBh%2Ft%2Bw9%2BUzQa9wCJ7t5ZiOMLQfOrJI8q4W4My4iNAoql4eU60cm8UFbS%2Bc6EZzLoyp9bbwJCJh399uLGDEKkogX1YmYM2tQGHccGyQTw%2BNsXqrmiMyRXD7BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017971a8059b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dmwtpq0XJI8C1kvh
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 2DBD 		0
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=462297
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TMhs9vtJWx1%2F5MVCk741bj3r%2F%2FfxX05p2l8U56GuQeKr738%2FPq5WMAXtB7aT%2B%2BEz3c5NYjHfyEXJ9qmWexv2gkwK81mjDLhvA9Pes7fakWJAVMElezb5u0We1zP%2FCnOyYeesMg3%2B1RS%2BYArq04g077e%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017977b2859b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dm-lD4k4Ed4CxpGx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 42A9 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=651186
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvEF1ANEUJwL7dj10kCaicxLI6R5JPqrAEkJPgI9GhoFUb1o%2B5LdYacANw9bd6lTzW5uLrjL6GcqytkC5mVeeWJTN4PP4Yco4mr%2FWQhIn2sk0PN67HCd4yvm4G6THQO0EuMWw%2FBdoogsw0WkNKEf0kc3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd01797dc2859b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dnL_aVJE7p4CG-yS
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 3B0E 		0
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=557810
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnQyo2mUUOfYsGnugGGJGicPCXxBrEzRzEgfQJWLgMHa8Pu5bjS0AWkN6DmCo3xB6JMoBxobnxfHW%2FeVCUGNnbb94B5%2FX%2BoC9Jjv8uaeIrvw8LCnMzNefPdOX%2Bx8ChFuu4xrz5yiLngJTp9XPkiXZ4xkbA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017986dee59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-dnjlQ3ClgTYFW3sx
87a558d0-8708-4dc4-8982-4906fcffcd5f
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/ Frame 3BD4 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/87a558d0-8708-4dc4-8982-4906fcffcd5f
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 3BD4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C61vhTThbYrXMMNKRrAT8z56IDYqYguNotJy5pN4OZBABILmOkB9gleKwgrgHoAGrzYT_A8gBCakCX_01J_cksj7gAgCoAwHIA8sEqgSSAk_Q0HvbEe6IAiB_YU8dFQtCCbBAsVZqD2CNycdOJ6xmXrCNYzkP-8YyX7LbMlYwfLK41S74JjaogvIwV_wnAuV73hYM9tODFfVABiwEIgre5f8bAPMTlGPJizMXoIp0Ixa-Z0ST9fn6JEmOgSWNJC28FnZWOjKwBfKoYdsTPjF8yAFzKpwSOE8j_5pDcwh_nZfsdauAhzQuYnVI8Orf21CUFov_6QqJNNXIDedwloFlG5ECkudqGD7VsgYxnTDNwdTOzyVpliUSE_ISpj3gzX6Fvs6SF7XkCQcJ43Crl94gSQYBq9MFXx1yASBNRcb2gw772xpz3HKWm0qkaQUkg8pR6y9HOpO8Z1FqWV2UF1Og2I3ABP2uyMTlA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe9snuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC_ngHSCAkIiOGAcBABGB2ACgPICwGYDPz_0fDrA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=O2CLLllwBuo&uach_m=[UACH]&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
430c17b4-4c6d-4365-ae30-d7019d5e46fc
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/ Frame 0482 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/430c17b4-4c6d-4365-ae30-d7019d5e46fc
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 0482 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C77ZNTThbYrbMMNKRrAT8z56IDYqYguNo5Ju5pN4OZBABILmOkB9gleKwgrgHoAGrzYT_A8gBCakCX_01J_cksj7gAgCoAwHIA8sEqgSVAk_QnVrB_kvma4NFwSpwsnbPZqog8OUoEpVppDpbykl6ergou6SmrQHAAuMW_uqMzgqcrLetvEWTwpbdthXseEbDxubjIhOGCGUZ-oxpvn0v_wbnp3Yf5zX2hGze4N83dWm_eoMZw8gRHLXkHtDJoFcsHR6HUX8KspX5CKW3u4vJ9DlgBB8ftgIq2KzmZdBeUigkl_CizZ0EePHZd1zltyUy6a06KmHHp0fkqny9An8Sg9vT7i_NhlO18tRPYdnI7hWgHRI1FyhxGMnUJTizOjbFrju8vW4GqGmVylCkS7IYG4kfZMRElimurnXcRmH2-1mPZMpEmiqeOxo34inhNdfN1CNToSnxOCY4gdRbQTbbFfhMIDHABP2uyMTlA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe9snuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC-hAHSCAkIiOGAcBABGB2ACgPICwGYDPz_0fDrA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=lyecTN-bFlY&uach_m=[UACH]&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
a3015713-1e94-406a-9843-e2058519ed9c
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/ Frame 2DBD 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/a3015713-1e94-406a-9843-e2058519ed9c
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 2DBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpfOaTThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSHAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfqbciTqPi1h7xYaBwAH-e6kYhqZGUPFnWPzn5PwYYhdtooB260Bm4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=d8TjvDuVkn4&uach_m=[UACH]&cid=CAQSLgCNIrLMVefizmNq0hy0zAUdSGXBXZEQUHZW7drPfsw10GInFxYoQhtygVn55fYYAQ
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2DBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-LTEPiUWNgFWp2DYgICAAAAz7yy2s2NMjCzYYIJ0TkUqBBMOFti375oeplCU06bdZ4AEg&wp=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
server
Kestrel
server-processing-duration-in-ticks
270011
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0073 		162 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53a2c7f03de874b71be1114f550160dd82f1579bf41d351c7539ff81ddaaf3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NdhZA3Dw8wNanMxeVYfrzL__5bagbNoxO_n2CcSvrj9AwJ7UhfgtnEi0mJ_pRC96LHZafEGCsp5cUaMlPpI_ZnCAUUksiSNDv-y1W1wlSJB-bEN3C2yklKRhk6ve9B0UDMxVTxdGxO1vpScSzzCk4ipZzphIdp_xwtSH4bV8fUqyxhE_bugF7tPAITSbFVeOesHuM6S-72a0qmFZvcG5oK3pFLmqOAj1-6g6400J8Hacc_TLSg6-W_BuN81XnmB5tf0pWg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
119162801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
13438876712274494559
tpc.googlesyndication.com/simgad/ Frame 3BD4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13438876712274494559?w=100&h=100
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8994b54cee931abc74f31e59173d788f51288f68cd197864d9ba90d02da311f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 06:24:49 GMT
x-content-type-options
nosniff
age
487071
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
last-modified
Thu, 07 Nov 2019 15:26:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 06:24:49 GMT
truncated
/ Frame 3BD4 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
13438876712274494559
tpc.googlesyndication.com/simgad/ Frame 0482 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13438876712274494559?w=100&h=100
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8994b54cee931abc74f31e59173d788f51288f68cd197864d9ba90d02da311f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 06:24:49 GMT
x-content-type-options
nosniff
age
487071
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
last-modified
Thu, 07 Nov 2019 15:26:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 06:24:49 GMT
truncated
/ Frame 0482 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
b322a97a-f44b-4cb6-9411-4e6156d366cb
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/ Frame 42A9 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/b322a97a-f44b-4cb6-9411-4e6156d366cb
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 42A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8E3wTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSHAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeVjxUiDUzUcLV3G4BwS2ZkIiFFTI5kaXL6XklZoqot0lI_VOyg_k4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=DnQd_0jEexQ&uach_m=[UACH]&cid=CAQSLgCNIrLMVefizmNq0hy0zAUdSGXBXZEQUHZW7drPfsw10GInFxYoQhtygVn55fYYAQ
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 42A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-LTEPiUWNgFWp2DYgICAAAAz7yy2s2NMjCzYYIJ0TkUqBBNOFtiwa6qFoJTz8goIBUAEg&wp=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
server
Kestrel
server-processing-duration-in-ticks
284216
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame E7E6 		167 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
574f915470372a47ebafae1ffe05a57f125a575ad589b5bc2f9a282ffd03de26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PD_f7HDw8wNanMxez0iZQ1BZrYkxEZ1d_LhpmjqWN83xSrEfJQV1Yzix2mq9jHlkgy3Wh030PnpswyiMMpmyVbsPHZO1b3-k25apNa8Dd2y-wZvLu4NfmqaQRmAsIqjMmGQ7H_1Rp7XXBEKpe9V89NZJe-WogKXfSEYQw36F1blnLIP-GDr0s-L0CpNT9fvCsR9WqkvII5se5YDfUZ5hzxL6jSkf-cqimFCeeTUMPwaCQe6X3r0syZlM3jxTcfU0Y5k_MQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
119206785
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 53D9 		171 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2aba27accf7f080e7ae4cd31a180c51ca7b3937d1db6096f7c640ca2dc94d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
rdMiKYp_L8WGTwjxPUZntWGha7Zk7n6t
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:46:00 GMT
server
AmazonS3
age
4
etag
W/"030d3cd329b8b90cbb02afbecba0b7e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sat, 16 Apr 2022 21:42:37 GMT
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
kv0E-zp0vxYdMituJWSdjKaXyM-o9559sD8Cj-52pi2zDDgwDKe57g==
/
geoip.instiengage.com/json/ Frame 53D9 		210 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.75.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-75-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:40 GMT
access-control-allow-credentials
true
x-database-date
Sat, 16 Apr 2022 02:42:49 GMT
content-length
210
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame F3A8 		73 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
262
content-length
73
content-type
text/html
date
Sat, 16 Apr 2022 21:38:19 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-id
7bX_g9LbChLayG5kpDovcn3mUTofBgm4xGSnaTi5JArj396D5YculA==
x-amz-cf-pop
DUS51-P2
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 08DC 		171 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2aba27accf7f080e7ae4cd31a180c51ca7b3937d1db6096f7c640ca2dc94d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
rdMiKYp_L8WGTwjxPUZntWGha7Zk7n6t
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:46:00 GMT
server
AmazonS3
age
4
etag
W/"030d3cd329b8b90cbb02afbecba0b7e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sat, 16 Apr 2022 21:42:37 GMT
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
womtpuPi4cAOkTLiDAZpCTAPbimD4gAo9zgAEqeHss73qhgM2lXFiA==
/
geoip.instiengage.com/json/ Frame 08DC 		210 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.75.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-75-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:40 GMT
access-control-allow-credentials
true
x-database-date
Sat, 16 Apr 2022 16:06:53 GMT
content-length
210
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame F3B0 		73 B
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
262
content-length
73
content-type
text/html
date
Sat, 16 Apr 2022 21:38:19 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-id
JWFR0W-KsDRiW14gKdgp6Iqsr1CrPEZLtufK4GGjiBJxlj6NwNVQXg==
x-amz-cf-pop
DUS51-P2
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
96642148-8b85-486d-bbaf-369ed79a0af1
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/ Frame 3B0E 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/96642148-8b85-486d-bbaf-369ed79a0af1
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CI-8iTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSNAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-caL11HuUCvpEQOSnOflY1JwX_2tRukBjUczsTXrS7X00x_lDxQp4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=okbvaOqdj_Q&uach_m=[UACH]&cid=CAQSLgCNIrLMVefizmNq0hy0zAUdSGXBXZEQUHZW7drPfsw10GInFxYoQhtygVn55fYYAQ
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3B0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U7-yEvKUWKwC-gGdg2ICAgAAAAoxdSRftf8Vs2GCCdE5FKgQTThbYsFfAGH2E0trnKO5ABI&wp=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.129 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
server
Kestrel
server-processing-duration-in-ticks
255609
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9B42 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e04445baceefe3f6bac0d4b371255540a174c1f4d81211e17c90d322df96b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yQf3JHDw8wNanMxebOZxs3g5m1Xbx_a0OGgLzMaEky9OCTEZ5gij39dbwU7hGpMyp1xz2N6P-SgfsfK4Seos6CPeZby5NAlHYztFO2aA-mWzOgbwJ_QRgX10waEOiRaLwOfSPvHVhSpNRAbUEZRyMWxZlbAZsMQZhaUVzZns0e_6pDeUaXK1N-rxZeJ5VTVGeZZA1610qI_uNeu06UE-yXvGnRPRqwGq8D30L0fflcx_bus5Db90WFvbyaRTBMAxfUukg8j14O_69b5G"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4981548
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 3BD4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8bb36b8b214b54eecb5688cacd28254c8d1fbed289333c0f7e76002aa2c17a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0482 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
653d4cf53d4120f3778cbb4f58011c7c7d0dc54985a0fd7dc1b9f06c2417f69d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
lg.php
cdn.firstimpression.io/delivery/ 		1 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67472&campaignid=35&zoneid=110722&dt=1&_fiid=A7&cb=48547897
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-88.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:40 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
Yxz4RooYgoITRVsvdD0i-GAQNi5u-yIbJXyeu16SIfJh2DwJb7xu3g==
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
expires
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=550833199&e=e&n=8892309490705637&aid=53T65BNiEei3kAY3v_uBow&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=1&ed=9&emi=1gtqet15ds57&i=0&id=ReiuWYBP&lid=1a28etk5ucvf&lsa=set&mt=1&pbd=1&pbr=1&pgi=waztvcaregwu&ph=1&pid=ZoPFXSjg&pii=0&pl=0&plc=5&pli=14efg2i1cghu&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&pu=https%3A%2F%2Fwww.staradvertiser.com%2F&pv=8.24.6&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Department%20of%20Health%3A%20Preventing%20High%20Blood%20Pressure&tv=3.39.0&vb=0&vi=0&vl=90&wd=0&ab=0&cae=0&cb=0&cdid=partners-video-ads&cme=0&dd=0&fed=025uSCQm&flc=0&fv=&ga=1&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FReiuWYBP.m3u8&pbc=0&pd=1&pdr=&plng=en-US&plt=2850&pni=0&po=0&pogt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sp=0&st=1270&sa=1650145358094
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:40 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-mxp6971-MXP
x-cache
MISS
x-cache-hits
0
truncated
/ Frame 2DBD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95172f8b627381eb371cfe383c7d06a5613a7800e121144b991b6f59fd324191

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 42A9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04747005bea66573295b4f30b3ac94c148a18a65e077122a43f2ae70b325e270

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhFMTUwMEItNUMxQi00NkFBLTlGRDEtNEMyQUI4QzUyNUMy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 16 Apr 2022 21:42:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:515
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame 3B0E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dd71fde8b68b24a62896f4b71ba69657a248ce16383482f23f3640abfcad8bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
diberp-tcx-v4.29.0-v2.js
americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 16:38:48 GMT
content-encoding
gzip
age
1573433
x-guploader-uploadid
ADPycdtkjoBMZTUUsQMRONHML5lTmS_WNyuxi-LPlRyEQ-qNGKhMCluz-sfK4qLAq7R4PBfGAFgxpJUSsixLLQoWxos
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 29 Mar 2023 16:38:48 GMT
bundle.js
auth.instiengage.com/auth/ Frame F3A8 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
217
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
date
Sat, 16 Apr 2022 21:39:05 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Nzje1-wi6kjavTWpJVUhMe5GfxvSt56bClrjsHD8o6AkjHBDEm1Zhg==
bundle.js
auth.instiengage.com/auth/ Frame F3B0 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
217
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
date
Sat, 16 Apr 2022 21:39:05 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
WFgs4ZC4Plqr3X5I2VW0Flhi-PZPCP9Ze6ybqKM-cm5Qs4zff4uW6A==
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9B42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9B42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9B42 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 11 Apr 2023 21:42:41 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 9B42 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 11 Apr 2023 21:42:41 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 9B42 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=_tSFvEbIe4DMPFxdzKgn4-7vqfmXEU3oU-RAO0fKWZUYKGCE28A1zxod4hd-laVxCHX3mWU1klhh1bYSjjjubDh6-96xP1WwTwqB8dQYWMnXb-q1LDVglv2-de98PhARJSKAu2vZEIuSyGCaXmNSAN_A44T_4WM8ecCMVE4t4rLoW3VucnBu-VGH1ryfwV2ZYQiz1UFnP3qNHi_Tev2CoqRE1bdHsoM4-BWZh3AT2ZDBC6DxV63crctxiAh-GIczXd9e70TttQ-4JOq5x9jH4cbwVEK6wsCAxMe3diQKR9oVaDN-WBKJ5E0VMocSnMhBgjAec6O02Fsz6UdbPc8YOg_LrIslgJUP8PsWs5QQW5lSTiaYjfgHj2rqZ5NAc4G5CyyJsI-_Qw6xAzrZoepBPFCtBd5olLQMSurfFm0PVwMOIB2c6g1Nmoc03a-mBQg3ovONJg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2318062
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
fc91354f0ebf4923b829904e1af0a332_image_ad_300x250.gif
static.criteo.net/design/dt/70777/220127/ Frame 9B42 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/70777/220127/fc91354f0ebf4923b829904e1af0a332_image_ad_300x250.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4ddb98bef9732a8caf32acb37b5799bd27556ca0f2a26b9b6e17b6d0d77b66b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Thu, 27 Jan 2022 15:42:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61f2bd50-cc4b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
52299
expires
Tue, 11 Apr 2023 21:42:41 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0073 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0073 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0073 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 11 Apr 2023 21:42:41 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 0073 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 11 Apr 2023 21:42:41 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 0073 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=m4BXiTSqKowv9dWR-GB2pDGmskkV4p9Hby_yfEXnlLrfykwpvO-re8GmdYnVqULoi4LLAE1tH8-t1WvzokqtRGquJuoNVo8c9w9i0ugjeU-jtAJOPD1Y4wo-2a-b5rhRmkPbUcYEU38YlQgsxt3xhtiwdt6GcB-v5uVslCaFbn3yuCZO42PkMs9xDY8s6HkIU4bXiV0bb1hBRubMN4IKoxOBYSQRXqZDFWYpfSls0X2CqwGLjEcl2hqEbJqTHMNC0ZELjFfxV4FO9zOmPgEonfDT4SEBRvFNxfQuG45xFQ-q4_lx-ENNrmAwb8t4YWkyJm-MK-rw6pA_YzikaPKn4g_ozIa2XqsavjEzCQ6bmNjqqNQ7eei4LjfH3aMZdCDMSskOqCdQcIAUodWnZZ7Ed27fofgJTfkKySHFcAVPwNtd8_loF5Ymj148humGWRk1FOQ6QH_TfIC9_wJW7Y6wIKUiBsE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:40 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2244708
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E7E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E7E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E7E6 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 11 Apr 2023 21:42:41 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame E7E6 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 11 Apr 2023 21:42:41 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame E7E6 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=kTmWkTSqKowv9dWR-GB2pDGmskmpj5N2Cwck9mFMkm9geETV8O6pgIY_65Q0q07XlArZOgGrKSBHnfjAUgc7qWLy7nRYSFUGUMZ5lFjGSCxLDRfkEoTrW16A7fFZdzprTn_JZhU45f-OO-QVHIJvQ3KhG0IO5qfgHPQTWmLYEqSCO-siSh9KejgqrEC82Y0UTlKjoecWo4VhG9ViOiCsshaINBKawcid7m89MuGGPlTdW6jVOxyCHpjigpWs8bMMVfamSmywWXyuhzr3PNQofpOiTsvOKjHnDDloVbik7KVDVaakeYaDPvoEOh38RPDS_a66F1z-sowalC73fPjuuOM6fPbQEORlKqR-ZAEY7Xi4AmyohL0Rhyo4aake0WZzxT_ZAckfVbkd2lZq59DajoCe2V4CaLsSwVP2EaJdAlwikBkHefP6AFEr-vImdgx_6zTpMQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:40 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1675708
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
geoip.insticator.com/json/ Frame 53D9 		210 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:41 GMT
access-control-allow-credentials
true
x-database-date
Sat, 16 Apr 2022 02:42:49 GMT
content-length
210
vary
Origin
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame 53D9 		350 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e433559fd43eb30dbc17d639eb7686547d3e7f19b78b349ad8c5fb31fe5b53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
z52NyqJ_hn6tyPqSbaqcyIIjgKsL9qXm
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:45:53 GMT
server
AmazonS3
age
75946
etag
W/"df0691b8072c2a69923c0f3c4d7d8039"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
date
Sat, 16 Apr 2022 00:36:56 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
3t12rNrLbj0tw5MEEg0J99EGvJMmxBFLe-66AlAZ5hwN1H97h_r5lQ==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ Frame 53D9 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=82337
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sun, 17 Apr 2022 20:34:58 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 53D9 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cb4b91714c9ed8f644ab9e033a9516c9423ff5ce44f5727780c5e5b5de2dd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:41 GMT
Content-Encoding
gzip
Age
723
X-Cache
HIT
Connection
keep-alive
Content-Length
17270
x-amz-id-2
vrPOT+vXiAELMw+2Q+g9Xfc/oXvOHI8tHTg4QKty9TE4FrB+mK8ApCxhjCFqatfmt2Pla808Oh4=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Sat, 16 Apr 2022 20:18:24 GMT
Server
AmazonS3
X-Timer
S1650145361.112959,VS0,VE0
ETag
"0132cf4f8906cd654602caf49ace79aa"
x-amz-request-id
46NZ9HXZ1XPVHTJ3
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
25
/
geoip.insticator.com/json/ Frame 08DC 		210 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sat, 16 Apr 2022 21:42:41 GMT
access-control-allow-credentials
true
x-database-date
Sat, 16 Apr 2022 16:06:53 GMT
content-length
210
vary
Origin
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame 08DC 		350 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e433559fd43eb30dbc17d639eb7686547d3e7f19b78b349ad8c5fb31fe5b53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
z52NyqJ_hn6tyPqSbaqcyIIjgKsL9qXm
content-encoding
br
last-modified
Tue, 12 Apr 2022 14:45:53 GMT
server
AmazonS3
age
75946
etag
W/"df0691b8072c2a69923c0f3c4d7d8039"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
date
Sat, 16 Apr 2022 00:36:56 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
l07aeVQzN1taawRmLTUSL2XJBXVFerWWwPfG7lb1stdIxMq_RuxZiw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ Frame 08DC 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=82337
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sun, 17 Apr 2022 20:34:58 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 08DC 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cb4b91714c9ed8f644ab9e033a9516c9423ff5ce44f5727780c5e5b5de2dd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:41 GMT
Content-Encoding
gzip
Age
723
X-Cache
HIT
Connection
keep-alive
Content-Length
17270
x-amz-id-2
vrPOT+vXiAELMw+2Q+g9Xfc/oXvOHI8tHTg4QKty9TE4FrB+mK8ApCxhjCFqatfmt2Pla808Oh4=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Sat, 16 Apr 2022 20:18:24 GMT
Server
AmazonS3
X-Timer
S1650145361.133008,VS0,VE0
ETag
"0132cf4f8906cd654602caf49ace79aa"
x-amz-request-id
46NZ9HXZ1XPVHTJ3
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
26
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 3BD4 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 22:47:37 GMT
x-content-type-options
nosniff
age
341704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 22:47:37 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 0482 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 22:47:37 GMT
x-content-type-options
nosniff
age
341704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 22:47:37 GMT
all
csm.eu.criteo.net/ Frame 9B42 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yQf3JHDw8wNanMxebOZxs3g5m1Xbx_a0OGgLzMaEky9OCTEZ5gij39dbwU7hGpMyp1xz2N6P-SgfsfK4Seos6CPeZby5NAlHYztFO2aA-mWzOgbwJ_QRgX10waEOiRaLwOfSPvHVhSpNRAbUEZRyMWxZlbAZsMQZhaUVzZns0e_6pDeUaXK1N-rxZeJ5VTVGeZZA1610qI_uNeu06UE-yXvGnRPRqwGq8D30L0fflcx_bus5Db90WFvbyaRTBMAxfUukg8j14O_69b5G&sds=2&rev=81123&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9B42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9B42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJkEKiwjSAAen_PFURH3zeERYBKZobw&u=%7CH1LL%2FjjDGhFZD96MiOPNE9qZR15UUuX4eSYYiKVkzJo%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnd6kEB97FJX7W25m7jsdXAEqDx-eWRlibZJf_knYhN74na8EgygqAGI0nfaqh7IUnE-1sMfE2KssYEPZccHveEAfPv1HOM5bdWmYflnvg9-hWGOrhJIofTY8Ahpzis0hT3Fwx2_p1R9fnhi8LBUCOv_GXn9I7bcIjz1Tcm4pdQWZOMyw_XKvVwlIC_CwCUUQ9FJ3yfz_fBm3iaDJ6dYOwLBW1C3slYInvFy1Y3N_fV3VMycii2Hv9qAbpyX-HqmgR2G6UxMSJ7xezdcHMof1rDKi7Tz2VVL25F-bHJTGzAEGvdIxaEtD41rhtctSZKDAtAxdMtZcThiB_N3_OF63sqyleq-smEoY0u7QZUOAp7mp2J3PEVhoM6IdVg3pEtXzcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UaxTThbYsHMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QdcaB-Q9ghtqHGfRpZJVf5EjbrGd8h4shEYQLHm2V48obRDI6CJjYGOKMv5DqGNzFcoXSXe07GmC8KIDEwDT9j4tICYOWebZuCCtHxdri0TUhALjcoAZaxmVpN3dU8uSuQdLJzCrs7zEtGOp_7Szh3jBVTl-Pns7CXyZrFdPf6T3O2Fe80uOmjc96Stz-gMlfVjU2FX5R90knECXqStbveJJkc1GyW8qOIzPZSZ4wzA-IAS834kWM4Fhw-kL2XEZhjfYt-fgHF8RrLUy8gRXcM9Jkbn6SLH6NfwsdGL7pWW6nsVt7-YSJ9sNp37f6rp-GPzfYxap5S_cbTMcZD_P7jJMZ9KvYy5pPiweWozp64AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xv5U0J7iil2KXN8bJM8KvTN0IUA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame C2BD 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
782
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FC6XHPBM8Y2Q084422A
date
Sat, 16 Apr 2022 21:29:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
8GGs9NKWdTGVx4ivz6Ko2iU3oTvLF_cXsY0ma5-R0nMXDppkdC99XA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 15CB 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
782
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FC6XHPBM8Y2Q084422A
date
Sat, 16 Apr 2022 21:29:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
yqkSunam744X3YYaZkr_X6DAtU0ESA_SbxdQXjAGPJkanuBO5nbWvg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 0731 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHKopzpWKpPY7OH0fRNILi7XWzB7QES4scWwhfxu7HUYNxuRxC3qoZPvH-jY3nzoye98uCDUH5wt7JmXdsvPPuc_IJine1hlKVrRGMVPROTnLJ1ztz&sig=Cg0ArKJSzAeT8ca-eUmGEAE&id=lidar2&mcvt=1097&p=336,436,426,1164&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20220413&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=776454535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650145360413&rpt=1349&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 0BC5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:31:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
11484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:31:17 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 29AB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 18:31:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
11484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:31:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B2F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHBzObrPVPInQxDBrZrmqnjwnNiy5kLVlxO0IKXeaOBXkTTp0QyqPg5fkj_15SacUDMDBDafTP082H9f6J82X4MbtRIhRKqXy8OwkSWQqdCcV5M3vL&sig=Cg0ArKJSzORle52Q9Z43EAE&id=lidar2&mcvt=1080&p=493,1161,743,1461&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20220413&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=713581990&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650145360634&rpt=1259&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0073 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
237339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pc5xQWoX6x%2BNqDuBXL0%2FL5zLvMP9as4oBiIbItdiP2%2BxHFp5Kxv%2Fz8qgxVMJOHBQmWzAbXxSPB27mvnUy7dInxnZIJyyH6UekL8SgKXTEMA9KMywTnLrTHmALeg5oo2EqoWY5tQ5o271CZDNjBOkkWB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd0179cfd5f0219-ZRH
expires
Thu, 06 Apr 2023 21:42:41 GMT
animejs.js
static.criteo.net/animejs/ Frame 0073 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
img
pix.eu.criteo.net/img/ Frame 0073 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=78767&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F78767%2F201120%2F234dc9f6e5d64670b63e428d7e0dd444_logo_all_horizontal-cotosen.png&v=3&w=256&s=sQLloKf244P_RyL4H6H5IloB
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
72ebdf933f58e4d763ca91b8b9e05c09745f7a86ec52f7af46cc42498e0311fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28867653
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13613
expires
Fri, 17 Mar 2023 00:30:15 GMT
img
pix.eu.criteo.net/img/ Frame 0073 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fgoods%2F18990%2F1437uaf1b44f94b19442e9dbb24e67b5b26a1.jpg%40%21h900-w900&v=3&w=800&s=78fAGkcDi3ga6XfOUkPrnHrP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
70cb3941a36929cbffbacadc6a313051fc65474cc7bc1ccc91156c5e6ae185c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1391743
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6934
expires
Tue, 03 May 2022 00:18:25 GMT
img
pix.eu.criteo.net/img/ Frame 0073 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fgoods%2F19055%2F-2u85c896b2b1f845fe952021ea50589d4c.jpg%40%21h900-w900&v=3&w=800&s=96c4noY8zdJ3ZOv57Ag81Avs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4dab582b3815ee8db6e755ce2664564977a02b443401c36de65033c6779808ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1672372
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11758
expires
Fri, 06 May 2022 06:15:34 GMT
img
pix.eu.criteo.net/img/ Frame 0073 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs24731%2Fgoods%2F18813%2F1010u33d3a6dd9604488b8bde8a234245425f.jpg%40%21h900-w900&v=3&w=800&s=0TIRS_CNfSZmAhwiklNtCZRC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7d3b06695597052a85cd5b46e5e6ec38831dbb1ce9d6eb42a9858513321606b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=219716
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20056
expires
Tue, 19 Apr 2022 10:44:38 GMT
img
pix.eu.criteo.net/img/ Frame 0073 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fgoods%2F18997%2F-2ufe94c62ce76445c4a1244d14089c592c.jpg%40%21h900-w900&v=3&w=800&s=8KTosFLkMYY9pv6rMTdGW2P5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
acf081d72afefbf443516e182ee644e04662e17c9381123ccaf60ef8db66f425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2023742
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
29144
expires
Tue, 10 May 2022 07:51:43 GMT
all
csm.eu.criteo.net/ Frame 0073 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NdhZA3Dw8wNanMxeVYfrzL__5bagbNoxO_n2CcSvrj9AwJ7UhfgtnEi0mJ_pRC96LHZafEGCsp5cUaMlPpI_ZnCAUUksiSNDv-y1W1wlSJB-bEN3C2yklKRhk6ve9B0UDMxVTxdGxO1vpScSzzCk4ipZzphIdp_xwtSH4bV8fUqyxhE_bugF7tPAITSbFVeOesHuM6S-72a0qmFZvcG5oK3pFLmqOAj1-6g6400J8Hacc_TLSg6-W_BuN81XnmB5tf0pWg&sds=2&rev=81123&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0073 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0073 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjoKiwjSAAen_J4m-I2nBhrRWtd0TQ&u=%7CH1LL%2FjjDGhEnEwDwwHy5LTbiK5ROe9cHFGj1uCWvPFs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGUeqqFrJW8ab2eZbIHZ0MIqWzi5x02grsmo8M3Ytq7xaMleNDeVbLSC14debTgnu_jI41NYvONJcxawHbWgxhlN-IDBOqqb97jsYcG5EsQv13wDB21ofhy2xoxQt4QQEivBGI9pzGTt8xi9Xu3Rt4IgX020uhgK_luwJ_ikBtLjKCOO79iwBb3jNvcqy_qW51djfWn_K4DQC6KAggJ58Yct0S1SFcRb8IEIJnj64jhNcAYPrVHUECxp8BTW0ajqlexIVt5My3PPXRUbcpNMPptWTHw_5yGujkaaxs4LSpJmXxp_mOgCHHKYZlpqNa_rX3EFjLrZ3_oNjMD814njANJM0dv9hR3e1zaSJsl4er-Qgrivyi0Fnp43&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf-_-TThbYrrMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_QWv2iR0kKg1kxQEwBvxm-LsUz6-dQzHhdKNXSoEmq5WU1_dl0W9jHBG7o86LZPGtPg3M9zGymqnJKl2PeNLGK9MFNBLAftmk1kvtakes8vXJW7w5p3t40FuujjIVQD1FNu-NXbroGrc5bMJ_LEWm79LzXgqI8b_5HNi_tErHIFytaHqdTHsp2wVtBHWrjN4iW51-g4Ive2sgL_n2Dz-QHNN9PyEX5szDK0mNENNN-fP3WEJFoOEBOSzHBVJtfHbbG2pGrgKXRcpmYnHC5EdYAiyQRweaUyMuVSL0YeLCKfuTeqKgIBMRoehqVY9HD3VERkqzwWt9_2kgv2Vrq3QlBugXcb1PZpr_N4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Gq-8mtWrTdgMhDPlWlgMnjUG-Yw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E7E6 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
237339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puusBOUPc6HwLEEheNQ5JRZcnAuZ7Wc6Kb8htloPL3jmINk2WT8INAUP9bc%2FSVTqEclPXDh1z5SH1KciLLJ%2BaNcs9Bhla8z6dki4y2fQ0Ej3%2FyMxQYhvV2jFkkZoW7t6mrYIXIjDqX2yLcsZxVhVLXuR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fd0179d6de40219-ZRH
expires
Thu, 06 Apr 2023 21:42:41 GMT
animejs.js
static.criteo.net/animejs/ Frame E7E6 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=78767&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F78767%2F201120%2F234dc9f6e5d64670b63e428d7e0dd444_logo_all_horizontal-cotosen.png&v=3&w=256&s=sQLloKf244P_RyL4H6H5IloB
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
72ebdf933f58e4d763ca91b8b9e05c09745f7a86ec52f7af46cc42498e0311fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28867653
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13613
expires
Fri, 17 Mar 2023 00:30:15 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fgoods%2F18990%2F1437uaf1b44f94b19442e9dbb24e67b5b26a1.jpg%40%21h900-w900&v=3&w=800&s=78fAGkcDi3ga6XfOUkPrnHrP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
70cb3941a36929cbffbacadc6a313051fc65474cc7bc1ccc91156c5e6ae185c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1391743
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6934
expires
Tue, 03 May 2022 00:18:25 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs24731%2Fgoods%2F18813%2F1010u33d3a6dd9604488b8bde8a234245425f.jpg%40%21h900-w900&v=3&w=800&s=0TIRS_CNfSZmAhwiklNtCZRC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7d3b06695597052a85cd5b46e5e6ec38831dbb1ce9d6eb42a9858513321606b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=219716
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20056
expires
Tue, 19 Apr 2022 10:44:38 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs49186%2Fgoods%2F19046%2F-2u14074954b18c494d93a97b31e27e323b.jpg%40%21h900-w900&v=3&w=800&s=6IyaVzunueMktyaiEKRFnfgQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b6a1cb7af8a626339a45d22b7a0bdc6e5e6570aff1e8313680e49fcdc21dd574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=900606
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18566
expires
Wed, 27 Apr 2022 07:52:48 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fgoods%2F19054%2F-2u321fa3d8ded7426a8cf335859963fbf7.jpg%40%21h900-w900&v=3&w=800&s=CnwcUeyFZ-O_0S-gdHpaq5BY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fe1a5473e791b4aaed27438fa858042b0b36559825eed55d71a201dceb4dafec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1565165
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22048
expires
Thu, 05 May 2022 00:28:47 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs24748%2Fgoods%2F18969%2F-2u75835b5dcb884c1f80a56b85b233f52b.jpg%40%21h900-w900&v=3&w=800&s=MY0vWplwWy2xinZiG1dHHlek&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9877f1bcdef2a8242574907bf67bdb73dcc74b537ed54ee439a89efcce63534e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2277394
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22870
expires
Fri, 13 May 2022 06:19:16 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fgoods%2F18607%2F1082uf4dd375dc662401b988a1d887a159d37.jpg%40%21h900-w900&v=3&w=800&s=_-pQvjDkw59JWQ5KrKkXhM68&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9ba86aff81024b35b285cc52b66be13441a0ed20cdec37f2c7d3af507681a6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2259971
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8378
expires
Fri, 13 May 2022 01:28:53 GMT
img
pix.eu.criteo.net/img/ Frame E7E6 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=78767&q=80&r=0&u=https%3A%2F%2Fups.aopcdn.com%2Fs30222%2Fgoods%2F19051%2F109uf60494f26e1b408c92802877f327f418.jpg%40%21h900-w900&v=3&w=800&s=HJ3Jw0aWUVdzm5v6nHvJG3Jy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7499cc0a4079d0d9aa9910c5f8fbedcb21abbc4688bd104ad91894ffddda16a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1370910
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24262
expires
Mon, 02 May 2022 18:31:12 GMT
all
csm.eu.criteo.net/ Frame E7E6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=PD_f7HDw8wNanMxez0iZQ1BZrYkxEZ1d_LhpmjqWN83xSrEfJQV1Yzix2mq9jHlkgy3Wh030PnpswyiMMpmyVbsPHZO1b3-k25apNa8Dd2y-wZvLu4NfmqaQRmAsIqjMmGQ7H_1Rp7XXBEKpe9V89NZJe-WogKXfSEYQw36F1blnLIP-GDr0s-L0CpNT9fvCsR9WqkvII5se5YDfUZ5hzxL6jSkf-cqimFCeeTUMPwaCQe6X3r0syZlM3jxTcfU0Y5k_MQ&sds=2&rev=81123&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E7E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E7E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4TQAMJjsKiwjSAAen_EgSzqQgO3P1JgTnaw&u=%7CH1LL%2FjjDGhHNSdngmRXalGLk0dVZq8QB54%2BaX0x77gA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdNqy3fW6eEjwCtOi9r04IGWYlzdErFjgYO6uqiB4v8TRa2oTeC-5aUjlmSDVaOCQeR7WL1jDemt1T83ISd-3LxmAdkLhf0S7kEcnk4Daigke92twqXN640jPf9TYYiulPGKE14k5TSvFsZPa-JZVEXgRSGEhtfHJOpxUBlTDISPEKHKc7ZZphJh-R1zEQfRtYiO5jKXF1fAZMxvgwYnpspkb06ra4IWQjh0RfnaVUJ9h7Q6HyWRUSXDO-zFPwJ9lKmRWfZbMVDvWOu3b2c7Y4C_Lw0qREgdb-FHka2tZnOgk9g77jh0o-Y3nq93aM6znS9jdXScp2-BjytlNb0QUXcum4VqLP-5_8qHmRnKSKQn-O_2_OFkES7eK4BdglhAR6Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtGciTThbYrvMMNKRrAT8z56IDcme0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSKAk_Q2_710ZO2MuJlJS07PjiOAggd_7wzSI6wNlOp6CxEat1vQ40seVJlk9YUV1SxfB9ZsUfQ8w5APtyoT4afHBSoY5MHk5SKXVudaWQQ4r2TbKJ1tk7rmy54WUTkNCYd5Qy54SktK9jfuwU8HQqTvL-IiU5Ki-yqrzkqQV8BUMWDIoKr-q9U9XQnJ2Dm_KoN2J82BSDh60-MIOOse-_SHqXFd5ATBgJ9kvIz9uamlPu7W2tK3boJnskhcebnWVBuDHGpAmdzyzgaOg0u3oZAm0L5U63a7wbaeMw3OfZkVgDHeRrzc7JTQtsY6O2spNSLwLorAF5-7GiPrREsqDzYHcMJO3DkThxbn1aC4AQBgAbK3P7N9eDvnOoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Dijxp1bWMOqHiz8mcVuRP-rSvAA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:41 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ Frame 53D9 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:41 GMT
Content-Encoding
gzip
Age
590
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1650145362.602659,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1571
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=8HxPSV9EYTJGZndZdVo2VklTcldhR3VwbkVjOUtOMGNUYnZNUTRMakd1b0pBaFR2bGFnaTFUaXpwaVlvNFBSRG5sOU9HVlBLbjJtczVUMTZrSU5yWjZ0cExkRWJTWFI4RDhVWlkxY3ZDZWFhR1RhQXBUJTJCaDQzdkNMVmZ0SEtRTVVXJTJGMFU&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Apr 2022 21:42:40 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1709
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 53D9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=8HxPSV9EYTJGZndZdVo2VklTcldhR3VwbkVjOUtOMGNUYnZNUTRMakd1b0pBaFR2bGF...
  • https://mug.criteo.com/sid?cpp=T0O0nXxBRHR4dmo1NVhVaWp5ekg0dVpGalJLZnlVY3RKaGM0ZDNNQlcwYVRwUWdXanFJRjlsU0dMNXZOc2dJU0ZJa3ltMnR5UGhLVENxTnh3MTBxbmZvSkF3VUhoZ2Q4OWxGaWZDc2NmYzZMSGJmTGJ1aHBQSDEyTFF1Ul...
352 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=T0O0nXxBRHR4dmo1NVhVaWp5ekg0dVpGalJLZnlVY3RKaGM0ZDNNQlcwYVRwUWdXanFJRjlsU0dMNXZOc2dJU0ZJa3ltMnR5UGhLVENxTnh3MTBxbmZvSkF3VUhoZ2Q4OWxGaWZDc2NmYzZMSGJmTGJ1aHBQSDEyTFF1UldKM0pzSVlQNzZsR01SMC91d21FOWQwbkJhenVsWS95Ym9oUXNDSFVIUWF4a3ZxcG1JQ1NQYTFNYWszNUJpSnpaMUViZ1FmdzhmVHRtSC9QRXJycVM2cFFrellkQk5nZzRQbDdEMWtOMVNzOGU5bU5Tei8yVTY2cHFoVnJ6WHZkZytDWUowZUh4eldwT3oyUjZ0ajNWUmZCbGd4L0Vqdz09fA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ac03139c9a76863f84e67d3ec0b8bf2379d66ec51230c6726cb9510d077bae32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4385
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
location
https://mug.criteo.com/sid?cpp=T0O0nXxBRHR4dmo1NVhVaWp5ekg0dVpGalJLZnlVY3RKaGM0ZDNNQlcwYVRwUWdXanFJRjlsU0dMNXZOc2dJU0ZJa3ltMnR5UGhLVENxTnh3MTBxbmZvSkF3VUhoZ2Q4OWxGaWZDc2NmYzZMSGJmTGJ1aHBQSDEyTFF1UldKM0pzSVlQNzZsR01SMC91d21FOWQwbkJhenVsWS95Ym9oUXNDSFVIUWF4a3ZxcG1JQ1NQYTFNYWszNUJpSnpaMUViZ1FmdzhmVHRtSC9QRXJycVM2cFFrellkQk5nZzRQbDdEMWtOMVNzOGU5bU5Tei8yVTY2cHFoVnJ6WHZkZytDWUowZUh4eldwT3oyUjZ0ajNWUmZCbGd4L0Vqdz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2113
content-length
541
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 53D9 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-91.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 02:14:33 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
70089
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
ogbcBBfKSAmso3W8q7O9YsnxsuYVxAc3dw0D2oIIZA5RJpNwjlVGRw==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ Frame 08DC 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:41 GMT
Content-Encoding
gzip
Age
590
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1650145362.626086,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1572
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 53D9 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
607621318571f4c48784c196784133fb7ea6db9c1ad3fb28deac95d17d91883f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28546
x-xss-protection
0
server
sffe
etag
"1189 / 406 of 1000 / last-modified: 1650060417"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Apr 2022 21:42:41 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=8HxPSV9EYTJGZndZdVo2VklTcldhR3VwbkVjOUtOMGNUYnZNUTRMakd1b0pBaFR2bGFnaTFUaXpwaVlvNFBSRG5sOU9HVlBLbjJtczVUMTZrSU5yWjZ0cExkRWJTWFI4RDhVWlkxY3ZDZWFhR1RhQXBUJTJCaDQzdkNMVmZ0SEtRTVVXJTJGMFU&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Apr 2022 21:42:41 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1603
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 08DC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=8HxPSV9EYTJGZndZdVo2VklTcldhR3VwbkVjOUtOMGNUYnZNUTRMakd1b0pBaFR2bGF...
  • https://mug.criteo.com/sid?cpp=sPGY4XxjaG5ML2FYdjR0aS9mZ0M4TlcrbmlCUno1WmhzVmppbS9MNFZtdWFhM1VxeklPUVZweW1vUjRZSEVFTk1DYjJpSnFyMEY4QXJrRlgxUnozd0x4aTNvSzRKNTRNd000ajVyMjBkMUFGS1ZsVE5weVFGTDNXNjdGeD...
350 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=sPGY4XxjaG5ML2FYdjR0aS9mZ0M4TlcrbmlCUno1WmhzVmppbS9MNFZtdWFhM1VxeklPUVZweW1vUjRZSEVFTk1DYjJpSnFyMEY4QXJrRlgxUnozd0x4aTNvSzRKNTRNd000ajVyMjBkMUFGS1ZsVE5weVFGTDNXNjdGeDZYaVFKOHNoL1NCQTBzTHUzdzFDRE9HQ0VoNkhFNjZYOFpLWFc1TlI4YzVWbTZJekF3NmFpQVNUQkpkSVhiYzQwdEoxWEhiOHFlSVhZYXpPOUNLUnhNdHJ3M3g5dWhkdXZWd3YwZ0hzazFlTGRZc0w4NVZXQTAxMTF1QUoyZkc0RDBOMDNIU2FDQU5SVTRobWNPZzZRWDBEd1Z0S1lnQT09fA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f94c0cf4ee6b520a79f91ad3deca4efe2c83ec5f82bcc40f4d53179ff9d7e0eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:40 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2384
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
location
https://mug.criteo.com/sid?cpp=sPGY4XxjaG5ML2FYdjR0aS9mZ0M4TlcrbmlCUno1WmhzVmppbS9MNFZtdWFhM1VxeklPUVZweW1vUjRZSEVFTk1DYjJpSnFyMEY4QXJrRlgxUnozd0x4aTNvSzRKNTRNd000ajVyMjBkMUFGS1ZsVE5weVFGTDNXNjdGeDZYaVFKOHNoL1NCQTBzTHUzdzFDRE9HQ0VoNkhFNjZYOFpLWFc1TlI4YzVWbTZJekF3NmFpQVNUQkpkSVhiYzQwdEoxWEhiOHFlSVhZYXpPOUNLUnhNdHJ3M3g5dWhkdXZWd3YwZ0hzazFlTGRZc0w4NVZXQTAxMTF1QUoyZkc0RDBOMDNIU2FDQU5SVTRobWNPZzZRWDBEd1Z0S1lnQT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2044
content-length
541
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 08DC 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-91.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 02:14:33 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
70089
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
9gLGYprY3w6TAUAOyL0ubcyeUtuTLewihZct09WAEtsaALlfFwIMJQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame C2BD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:07:26 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
age
2114
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1945
x-amz-cf-id
I6HQneu3Q41PY3yXxJvDu50E6ZDlgRHNQl_2cpqSbyJ_3aQ5ZIFxtQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame C2BD 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=EVyGwsI2VRrhn&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%7D%5D&cfgv=1&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
TZGC48XNQGBSHFBXZXVX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
kARbVS2w43uTi6VclgEh6CAaf0r42Vq9H8CGBGQ9j_oawQ-RdROmdA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C2BD 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 03:40:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
64941
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
qBV8e-b38-Tr8A-DvYHRAfEwdkDpT8mwFVGeN_OvZzZ0wnJOErh_fA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 15CB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:07:26 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
age
2114
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1945
x-amz-cf-id
01vkTK5dqO1hK3VT0_enfx4L3OblNTHgqMh-2n3szsxv8b1h-g-1Og==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 15CB 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 03:40:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
64941
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
jaRKGov9ZhwHUa3ju-hyfOXoRnr0GJ9kRE7Nq-XPXcbp9pKSSv5pSg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 08DC 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
607621318571f4c48784c196784133fb7ea6db9c1ad3fb28deac95d17d91883f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28546
x-xss-protection
0
server
sffe
etag
"1189 / 75 of 1000 / last-modified: 1650060417"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Apr 2022 21:42:41 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame 15CB 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=qqSsGVS5sDGR8&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_3%22%7D%5D&cfgv=1&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
S2T7MRD9CMDM3E7XKPCT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
AGw2TuwGCb2MbG9w169LZ9r5x-jym6nv9GpEpNJoUACFPyocJGujOg==
ats.js
ats.rlcdn.com/ Frame C2BD 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49036
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
PUCecrgEjoDYt5QL7BxuitCLwbx1OOQm8wpdW6bF4zXiDK9evziQkw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame C2BD 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 16 Apr 2022 21:57:41 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame C2BD 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
405b064828676a3169ad7b2477629478e200849f1d0e5663ffc4f183a6d6001c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:41 GMT
Content-Encoding
gzip
Age
3251
X-Cache
HIT
Connection
keep-alive
Content-Length
12095
x-amz-id-2
t4IBNAag/XnXGDENENYpo7vZxtoaxVV6D239wWWB/GDr0Ll5mT/q7NehO+usPEXG9TLl7WXxvx8=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Sat, 16 Apr 2022 19:02:17 GMT
Server
AmazonS3
X-Timer
S1650145362.890598,VS0,VE0
ETag
"ba2834639015637566e6479e8225b52d"
x-amz-request-id
T22DEWQG7CDSV5QX
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
178
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame C2BD 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Sat, 16 Apr 2022 21:11:12 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
310837940
ats.js
ats.rlcdn.com/ Frame 15CB 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49036
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
FTwjbDlWdIr45AS3LPwpXibyyybDwtlyFlX_Nfzo_adQ1MXAxgNxBg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 15CB 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:41 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 16 Apr 2022 21:57:41 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 15CB 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
405b064828676a3169ad7b2477629478e200849f1d0e5663ffc4f183a6d6001c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:41 GMT
Content-Encoding
gzip
Age
3251
X-Cache
HIT
Connection
keep-alive
Content-Length
12095
x-amz-id-2
t4IBNAag/XnXGDENENYpo7vZxtoaxVV6D239wWWB/GDr0Ll5mT/q7NehO+usPEXG9TLl7WXxvx8=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Sat, 16 Apr 2022 19:02:17 GMT
Server
AmazonS3
X-Timer
S1650145362.904593,VS0,VE0
ETag
"ba2834639015637566e6479e8225b52d"
x-amz-request-id
T22DEWQG7CDSV5QX
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
179
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 15CB 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Sat, 16 Apr 2022 21:11:12 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
310837940
css
fonts.googleapis.com/ Frame 0073 		5 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
deeba1f14bea343d707fd5725a9dbcd7a9fe2d310f6361a95e24a90bb4d7665a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 20:09:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:41 GMT
css
fonts.googleapis.com/ Frame E7E6 		5 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
deeba1f14bea343d707fd5725a9dbcd7a9fe2d310f6361a95e24a90bb4d7665a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 20:50:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Apr 2022 21:42:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Apr 2022 21:42:41 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=T0O0nXxBRHR4dmo1NVhVaWp5ekg0dVpGalJLZnlVY3RKaGM0ZDNNQlcwYVRwUWdXanFJRjlsU0dMNXZOc2dJU0ZJa3ltMnR5UGhLVENxTnh3MTBxbmZvSkF3VUhoZ2Q4OWxGaWZDc2NmYzZMSGJmTGJ1aHBQSDEyTFF1UldKM0pzSVlQNzZsR01SMC91d21FOWQwbkJhenVsWS95Ym9oUXNDSFVIUWF4a3ZxcG1JQ1NQYTFNYWszNUJpSnpaMUViZ1FmdzhmVHRtSC9QRXJycVM2cFFrellkQk5nZzRQbDdEMWtOMVNzOGU5bU5Tei8yVTY2cHFoVnJ6WHZkZytDWUowZUh4eldwT3oyUjZ0ajNWUmZCbGd4L0Vqdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Apr 2022 21:42:41 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1081
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=sPGY4XxjaG5ML2FYdjR0aS9mZ0M4TlcrbmlCUno1WmhzVmppbS9MNFZtdWFhM1VxeklPUVZweW1vUjRZSEVFTk1DYjJpSnFyMEY4QXJrRlgxUnozd0x4aTNvSzRKNTRNd000ajVyMjBkMUFGS1ZsVE5weVFGTDNXNjdGeDZYaVFKOHNoL1NCQTBzTHUzdzFDRE9HQ0VoNkhFNjZYOFpLWFc1TlI4YzVWbTZJekF3NmFpQVNUQkpkSVhiYzQwdEoxWEhiOHFlSVhZYXpPOUNLUnhNdHJ3M3g5dWhkdXZWd3YwZ0hzazFlTGRZc0w4NVZXQTAxMTF1QUoyZkc0RDBOMDNIU2FDQU5SVTRobWNPZzZRWDBEd1Z0S1lnQT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Apr 2022 21:42:41 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1098
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ Frame 53D9 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 17:46:30 GMT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ Frame 08DC 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 17:46:30 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ Frame 15CB 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:42 GMT
Content-Encoding
gzip
Age
591
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1650145362.026318,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1573
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v26/ Frame 0073 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v26/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:24:32 GMT
x-content-type-options
nosniff
age
213490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:16:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 10:24:32 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v26/ Frame 0073 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v26/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:24:32 GMT
x-content-type-options
nosniff
age
213490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:17:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 10:24:32 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v26/ Frame E7E6 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v26/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:24:32 GMT
x-content-type-options
nosniff
age
213490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:16:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 10:24:32 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v26/ Frame E7E6 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v26/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:24:32 GMT
x-content-type-options
nosniff
age
213490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:17:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 10:24:32 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ Frame C2BD 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:42 GMT
Content-Encoding
gzip
Age
591
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4026-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1650145362.052461,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1574
activeview
pagead2.googlesyndication.com/pcs/ Frame 63AE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth1innSmdKxQXeHqsDwNyiw9ZODpFvHWUpe0Fz6yhEY_OF0ZBWFE2Y4V8U8VUmLKp5XAwlYUO3z2s8dwomz5WwkE8pcTTpyFYpAXDOAz76gIRn2hqddg&sai=AMfl-YRw-T_P2klHwIpqc9yJRnrVUIxux5WrFykKeDKin7tZfI56pQqtHfvoTGiSceAlNo0ti1XhDsaLPNqzMIVcVAGjqrwRRX1ZvW5oSGrgbg&sig=Cg0ArKJSzLREeyTnQ7t3EAE&cid=CAQSLgCNIrLMVefizmNq0hy0zAUdSGXBXZEQUHZW7drPfsw10GInFxYoQhtygVn55fY&id=ampim&o=1161,1085&d=300,100&ss=1600,1200&bs=1600,1200&mcvt=1050&mtos=0,0,1050,1050,1050&tos=0,0,1050,0,0&tfs=2112&tls=3162&g=100&h=100&tt=3162&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=4116631529
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 53D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcShHnQ9Na15HyWKTfJQG4dCivN1e-j0WgY98F4ypPFtq7cRBKruFPKVSNom9GGQAITrqfiVRYO8LzmHeXAiYch9C0WEmPIHP4UDwmMuEpUFvAwLFhCPg_9xAhr6EMb8i-XkKDobhnSCOUvqdOkQ3bHI_xt58nSbGudlOI1SzB2nrtmA-fN5ZdMbX5bnEkkxaNKJVv7qoVeMxDqohg2OQMbeJn82qmDeWrglEUCAIICNMVT_H8cRWmwF3ZbAY_h47ahj2et4h75RSwpTHapFriSzVkV4dRSYeuIAJgAarqO4PZ7SWpj0J4QH1bcmkTVf13aqs6Hr0&sai=AMfl-YRMJpdvi0Bm_0Y_N6Zu0lkT3xom2yzFxAY-pFEgwizkI7_EZg3Ql8z0Q67GWIYwsLm1huD82pSdfPRQWhDZCl8Zf--DWEzjEhzDj9WzYA&sig=Cg0ArKJSzE01KwlgBbmrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 08DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMBCmGtiiGEt2hxySTAjYR_g9eg-s-5wa_NJ-TxYNx4OJbyjT6SMvdc2HKNACrhvBZ6MMIJmP_NSl_OAXyoQ1xUetLCSmogotyWpXef0meHXJKYdW2W2-Nqz-4U_VdiLc2BBTmRvJ2XRcno6kh3Ip0_ZtIkOq-Mcdw0giKVVCvro-xhZnToJG7UWyCnjR4m5e7oOOLYLmBLJigzsO72ZqzOmsD5pX8-gMKEABGAwLsJYKThHXfAG03nL4IEWnMzjaNbh8wR6i-yYESmoW2qkbT5PCofBDoxcnmK2nNX8Jcx2H9fsN1RAsgcvK0PkM88F_ZRUPq0RDU&sai=AMfl-YRSPsR_zwHkxdXqsu3ZiNUDdE97IQ6KP7zAEHWSpLr9C8cM4SiHYXn9MWwCVfscYejYfNJEEDLoDGW_25fv5vMgD9sJHyMCbHXM9wpotw&sig=Cg0ArKJSzO1yxF8jTh65EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 16 Apr 2022 21:42:42 GMT
integrator.js
adservice.google.de/adsid/ Frame 53D9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 53D9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 53D9 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=52108502604653&correlator=932409926261362&eid=31065787%2C31062931&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=128770239&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=h%3D21%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3D93812bf541706c75%3AT%3D1650145357%3AS%3DALNI_MaOvyKbSukggtOb6fpZwRMq1FKr6A&cdm=www.staradvertiser.com&abxe=1&dt=1650145363875&lmt=1650145363&dlt=1650145360452&idt=3343&biw=1600&bih=1200&isw=728&ish=90&adxs=436&adys=1932&ucis=e22rbl5x4scn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=2089291300.1650145357&ga_sid=1650145364&ga_hid=946872458&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
dfeeb5cf9c0221af7dd87c0a6396e8645f3a73679c47aef976a735c429a0d8f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11501
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 53D9 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bce1043a90649b2b48f68d0480d338349f9c5548ae5cee6f110abf10acff945f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10615
x-xss-protection
0
container.html
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F56A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sun, 16 Apr 2023 21:42:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 08DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 08DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 08DC 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3721424857747395&correlator=2171793558270765&eid=31063377%2C31067095%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2933112504&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=h%3D21%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3D93812bf541706c75%3AT%3D1650145357%3AS%3DALNI_MaOvyKbSukggtOb6fpZwRMq1FKr6A&cdm=www.staradvertiser.com&abxe=1&dt=1650145363889&lmt=1650145363&dlt=1650145360619&idt=3204&biw=1600&bih=1200&isw=300&ish=250&adxs=1161&adys=8130&ucis=cx3f7q7tieb7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2089291300.1650145357&ga_sid=1650145364&ga_hid=934450444&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
3fbf983539e9ad5c26bb42d802b6a582eec8af6498a6e85dfd8e9c4ebe113176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11923
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 08DC 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49413cc48f78b34219e4dc39751ee2ca656a37c02cd4772a52a7d3bb1df4e81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10625
x-xss-protection
0
container.html
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F896 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sun, 16 Apr 2023 21:42:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 53D9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:42 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3BD4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CY1nYTThbYrXMMNKRrAT8z56IDYqYguNotJy5pN4OZBABILmOkB9gleKwgrgHoAGrzYT_A8gBCakCX_01J_cksj7gAgCoAwGqBJICT9DQe9sR7ogCIH9hTx0VC0IJsECxVmoPYI3Jx04nrGZesI1jOQ_7xjJfstsyVjB8srjVLvgmNqiC8jBX_CcC5XveFgz204MV9UAGLAQiCt7l_xsA8xOUY8mLMxeginQjFr5nRJP1-fokSY6BJY0kLbwWdlY6MrAF8qhh2xM-MXzIAXMqnBI4TyP_mkNzCH-dl-x1q4CHNC5idUjw6t_bUJQWi__pCok01cgN53CWgWUbkQKS52oYPtWyBjGdMM3B1M7PJWmWJRIT8hKmPeDNfoW-zpIXteQJBwnjcKuX3iBJBgGr0wVfHXIBIE1FxvaDDvvbGnPccpabSqRpBSSDylHrL0c6k7xnUWpZXZQXU6DYjcAE_a7IxOUD4AQBkgUECAQYAZIFBAgFGASgBi6AB72ye6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL-eAdIICQiI4YBwEAEYHYAKA8gLAZgM_P_R8OsDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=lUomwFjacdc&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BD4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN2FSRoqM2QVpVhiXSMVsuDpSAUXyG12-MdM5Kl4E8zXLPlIhU_3TTyQFuq4_uLdIS_RTFfwIe16Ht4PDgSvfFC_FkS-z1m0mXldY93LThnYEd6CdB0CnEjif5sQn-T2QxEppYllHUXnW7bb45k6rSwr76WxxNUQ&sai=AMfl-YTGoF9tO5Kk9nS-O13Y5k1Lm71WcMid2ECdClMUdNbhzNh2ZSf-DC38jBbqa-TgwQcXGc7GtGW9SRYAiUWUXDFI8Uz_DnuIQQ-OFdtEBQ&sig=Cg0ArKJSzMbgvLzYmSi0EAE&cid=CAQSLgCNIrLMVefizmNq0hy0zAUdSGXBXZEQUHZW7drPfsw10GInFxYoQhtygVn55fY&id=lidar2&mcvt=1007&p=78,1159,178,1459&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=323572193&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1650145360314&rpt=2567&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 08DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 920D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 18:35:46 GMT
expires
Sun, 16 Apr 2023 18:35:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 156D 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
061983029ccfda624e44d49a0cddb5b83ce086e181f87a9047d26c43aa7450cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hT+XMhfT+rJiV/pvUFkV5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-hT+XMhfT+rJiV/pvUFkV5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sat, 16 Apr 2022 21:42:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AE5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 18:35:46 GMT
expires
Sun, 16 Apr 2023 18:35:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 81F9 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
759ab653bc62aa00074c5006eee8b3f9f5bbb16183822c1ead4888c0265c82b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Pc9Hz7W01I0H0GRtMt4miw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Pc9Hz7W01I0H0GRtMt4miw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sat, 16 Apr 2022 21:42:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame 0482 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLU-KTThbYrbMMNKRrAT8z56IDYqYguNo5Ju5pN4OZBABILmOkB9gleKwgrgHoAGrzYT_A8gBCakCX_01J_cksj7gAgCoAwGqBJUCT9CdWsH-S-Zrg0XBKnCyds9mqiDw5SgSlWmkOlvKSXp6uCi7pKatAcAC4xb-6ozOCpyst628RZPClt22Fex4RsPG5uMiE4YIZRn6jGm-fS__Buendh_nNfaEbN7g3zd1ab96gxnDyBEcteQe0MmgVywdHodRfwqylfkIpbe7i8n0OWAEHx-2AirYrOZl0F5SKCSX8KLNnQR48dl3XOW3JTLprToqYcenR-SqfL0CfxKD29PuL82GU7Xy1E9h2cjuFaAdEjUXKHEYydQlOLM6NsWuO7y9bgaoaZXKUKRLshgbiR9kxESWKa6uddxGYfb7WY9kykSaKp47GjfiKeE1183UI1OhKfE4JjiB1FtBNtsV-EwgMcAE_a7IxOUD4AQBkgUECAQYAZIFBAgFGASgBi6AB72ye6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL6EAdIICQiI4YBwEAEYHYAKA8gLAZgM_P_R8OsDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=2lJYipVEd7Q&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0482 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM8KV0BMdBo8Y3VVs5YJlyM3mR507d0EX1_ccM5LQGwVhntXAUlpxZnqr3igkV-gjKxWUSkUNtgbwRnfssHp6wvf94dETstsQlcLb4g-uUbsaGCjD4j1VOzF3zQK8I4WZ3xKqd4ks3S8Y-lXQco6a86NnKkRymag&sai=AMfl-YRbMdRfVbXJYaC71esoKWJr752ky6P9jt9_IxNxJ5E8bIrOzFko30XiRseHRpb743oeth_mVqxMR8wEXCZ1KGRcag900GTtpQNw3UvcqA&sig=Cg0ArKJSzLUGfmT7GeXtEAE&cid=CAQSLgCNIrLMVefizmNq0hy0zAUdSGXBXZEQUHZW7drPfsw10GInFxYoQhtygVn55fY&id=lidar2&mcvt=1015&p=78,140,178,440&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=415600777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1650145360410&rpt=2521&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 156D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=52108502604653&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69fac801b387ed7cacf011fd6b5bcf210a8179bbf4abbce1553d127ef4249861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10721
x-xss-protection
0
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 920D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 09:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 09:47:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=3721424857747395&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 7AE5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 09:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 09:47:16 GMT
container.html
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5FDE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sun, 16 Apr 2023 21:42:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:42 GMT
container.html
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sun, 16 Apr 2023 21:42:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 5FDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C46noUjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEmwJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgbX7xMkBQZXIFfIIOnEAD-VpYDZsJb0tJqtCmlA-xSaeH96djmRO4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjY5NzY3OTUxODUxNTg4NhjUxAw&sigh=JxbZcyGLpUQ&uach_m=[UACH]&cid=CAQSPACNIrLM7FRRKIxN3jHNdf1fD8HhykhiL11eiAwtLaMBvcoocW0n5bELDeBt1oIQ-UCS6hRYkIyVSQ4KExgB
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 5FDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jz4vrckg1ghv0a9pkgfrkx6g1gnx82ftc6saseghjqarb81tk50r755whm16gqt838tghzahbfyg68rzmkfpagpeh4wbge2chy6b7ts7zjq7dd9ykjarvwjncgs3v2qk93wae2m5dzzgjn2zcy54w37mm7mts1y4ys5egtm9ztz825ck7qjdm9gc3pah0t3ezmqhnxnvrdh9stm3gws5bgyyj30nf5zaw51gkvd7pw1zqr6pxq9h7rrqg309whtkm8ct3hf7bxxttw1435hadyxgef5tmf6agr4d9ekzpe6a3hja7vy0913rqz4y6nrarhb2add1qncfkkz88ev3tg68832xya3nmqt5aevs94afytpkmq3th2tna3h7zm11vc2bw74x2xeqs1ne53ygz8ecdy6y&b=Yls4UgAEYA0Kd7DJAAlU_VN2w2F_-veeaQsXVg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 54E0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hr6v59r6gg7j4kgyqm0z1scscpvtp0xf9qsy33wdevg4nba9kex0nbmd3j6w6f8sw64b51hmjv0by0vrwvfxj7shffk685fxjcmbfw9edzr2f2q096t5ne4hf56gfpxj8p0jpd3pav5x7ka91270dhhh5ar6fgb7555zsnvg75t5ch2k5w5pqetdqhfredagpqm94thes7mfh0p1zn6514mhdfsm0ngaz2prs28dngptne102pwexktdrdndpkv8jfx61g8vey1rynyv6fbz89pw9a4h2xxba6daqfrjj4r1qvhphfbzkdm945btck54r7vv41mvaw2bk7tgj4zp04fk71pedeqnqjyf24nhn2wzf7mbe4n2kds11jna36r6xxcqv0g6eg3vdyhg33vycmzr4ywkbzn5v9019mzdrxg3yw848x0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa16bceeeef3f7826655058b508207aa91e3211c598e39a4127cad70c5b39c9e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fd017a48d5359cb-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5FDE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 492A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 17 Apr 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FDE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5FDE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5FDE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 08:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 08:15:07 GMT
pixel
protected-by.clarium.io/ Frame 5FDE 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6NzI4eDkw&v=5&s=v31g0q5827d&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzcyOHg5MF8xIiwieSI6MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC00In19&sb=undefined&cb=9091388&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjI4OTYyMTcyNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:42 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8AAC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 18:35:46 GMT
expires
Sun, 16 Apr 2023 18:35:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6A0C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8af995fb113b245281b143a1a8522e22decd26f394b2e6688825e057cb3f47fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kDAQRZFE8Yn1yWm3qbozYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-kDAQRZFE8Yn1yWm3qbozYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expires
Sat, 16 Apr 2022 21:42:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame 38D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJttJUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEoAJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIQfKBl3n1kc2CpmVxyLh3_9k36BCqPSlqJNEFpDUywdqDS-N9IKTgBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=LkqoTMfWtPU&uach_m=[UACH]&cid=CAQSPACNIrLMdZlT0b1iGyj2tvQ5yvuEvRd2pieGyyOM7yYEmR5Quc3zVCYXLqQARr4nT_kcPRTD9rbNBoSaqRgB
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 38D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kaq497gpzwx4z50j8vgpg7kc8p07dm48fv88n15v8shyx5f3p614h8ms1h1n4w71skn7bv3vsvsvtqs95bq3m5mj70h85rm9a14zxc5ztnttx1vj4e3mk9sk5tw9ryye5ss1aatfrw4wgb9zx209dr639bbgq85kd0tmqxt825v2j3fvhnwe0jrxaahjp3v0n18rvws1gf454131czjnxy4q4yjk97bj92rq9cgy6be6s6twdfp5zbmkn0qrs11y2dzzzkp1ytv3wsfqt8mzjjy564fdg2avxxbyfg9wjr596dkytz9g9f6x3cdd3gg3jkchfmt7gqp4pp90ajmmanxcr8acmmnxp5cbmgxcx0gszxmf7h0ph49tcg9385999kb7m4h7m48pftn35thsqyg8bys2&b=Yls4UgAEkOcKd5qbAAM1kkiF4xAnJkh3-CZ6iw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame F1EF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k6dhqbxb6v59cjjj99cxqka5dfketejnbp82tvqratvhpven6tq7nm7nyxtgfkrd2915rqc9axsfq7skzz5z2gvz2rd7094t5s2jsafq4k4xbht2cftcmbd3hwmh84ccx55sv31mf0k7v1vpcy9481rz32jfer5tmw4bptn5463nj6fy3mffhhzvs2rxkp707tb67j60gxk6r1qqj2q857e7az0c9ykjexnakt54ea9shyy715dsem1v3wxgd82qfjp0r8afjj0jcqr933rf01hbe11nkn83212cv0a32vzhnb8hb9sz8wnd074m5rnb3tzkyx131hrgepnfbqrpjnp7e84d8w7tvgc0gv4r1357kc947jp4m71w3ehkyynazbk093vd3dypxjje2cahh4w2d1rfjce47wf6e3v3dswnd616gc9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4ea85fb3bfb6f7b1f3e703ebd4dc4a5205ec59f2dadda76cc70d3e2729736c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fd017a48d6459cb-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 38D3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6B2C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 17 Apr 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38D3 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 38D3 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 38D3 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 08:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 08:15:07 GMT
pixel
protected-by.clarium.io/ Frame 38D3 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31g0q58294&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjAsImNvIjowLCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtMyJ9fQ%3D%3D&sb=undefined&cb=515274&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:42 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 54E0 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hr6v59r6gg7j4kgyqm0z1scscpvtp0xf9qsy33wdevg4nba9kex0nbmd3j6w6f8sw64b51hmjv0by0vrwvfxj7shffk685fxjcmbfw9edzr2f2q096t5ne4hf56gfpxj8p0jpd3pav5x7ka91270dhhh5ar6fgb7555zsnvg75t5ch2k5w5pqetdqhfredagpqm94thes7mfh0p1zn6514mhdfsm0ngaz2prs28dngptne102pwexktdrdndpkv8jfx61g8vey1rynyv6fbz89pw9a4h2xxba6daqfrjj4r1qvhphfbzkdm945btck54r7vv41mvaw2bk7tgj4zp04fk71pedeqnqjyf24nhn2wzf7mbe4n2kds11jna36r6xxcqv0g6eg3vdyhg33vycmzr4ywkbzn5v9019mzdrxg3yw848x0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hr6v59r6gg7j4kgyqm0z1scscpvtp0xf9qsy33wdevg4nba9kex0nbmd3j6w6f8sw64b51hmjv0by0vrwvfxj7shffk685fxjcmbfw9edzr2f2q096t5ne4hf56gfpxj8p0jpd3pav5x7ka91270dhhh5ar6fgb7555zsnvg75t5ch2k5w5pqetdqhfredagpqm94thes7mfh0p1zn6514mhdfsm0ngaz2prs28dngptne102pwexktdrdndpkv8jfx61g8vey1rynyv6fbz89pw9a4h2xxba6daqfrjj4r1qvhphfbzkdm945btck54r7vv41mvaw2bk7tgj4zp04fk71pedeqnqjyf24nhn2wzf7mbe4n2kds11jna36r6xxcqv0g6eg3vdyhg33vycmzr4ywkbzn5v9019mzdrxg3yw848x0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
883051
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 06 Apr 2022 16:25:11 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6fd017a56bdd59c5-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 54E0 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hr6v59r6gg7j4kgyqm0z1scscpvtp0xf9qsy33wdevg4nba9kex0nbmd3j6w6f8sw64b51hmjv0by0vrwvfxj7shffk685fxjcmbfw9edzr2f2q096t5ne4hf56gfpxj8p0jpd3pav5x7ka91270dhhh5ar6fgb7555zsnvg75t5ch2k5w5pqetdqhfredagpqm94thes7mfh0p1zn6514mhdfsm0ngaz2prs28dngptne102pwexktdrdndpkv8jfx61g8vey1rynyv6fbz89pw9a4h2xxba6daqfrjj4r1qvhphfbzkdm945btck54r7vv41mvaw2bk7tgj4zp04fk71pedeqnqjyf24nhn2wzf7mbe4n2kds11jna36r6xxcqv0g6eg3vdyhg33vycmzr4ywkbzn5v9019mzdrxg3yw848x0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35469
x-guploader-uploadid
ADPycdsjbbGwoClAviClI_b-RVGsj419bRsgc2aQTBcPeuotIInjk03xCTJ5ZFya9lTCf2IXRkywzizAjOFu7NjVd8qPMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Apr 2022 11:51:07 GMT
server
cloudflare
etag
W/"6842a9524c0172027959a0f7c93f8770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdUIHtEaOk7L9nGGCa3Y9bZ%2BRSH4yQZXgax8tOPpxXsvH08YZKSEt09weyy95SHf9pE3QACRmfFXw8irQXBhYbcX1O8zJus6F1jP7JP6w5keQ6tgdgs2jFZzyJr5Vm8wkp9%2B2so%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1649159467260020
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11886
cf-ray
6fd017a55f5859cb-MXP
expires
Sat, 16 Apr 2022 11:51:33 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame F1EF 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k6dhqbxb6v59cjjj99cxqka5dfketejnbp82tvqratvhpven6tq7nm7nyxtgfkrd2915rqc9axsfq7skzz5z2gvz2rd7094t5s2jsafq4k4xbht2cftcmbd3hwmh84ccx55sv31mf0k7v1vpcy9481rz32jfer5tmw4bptn5463nj6fy3mffhhzvs2rxkp707tb67j60gxk6r1qqj2q857e7az0c9ykjexnakt54ea9shyy715dsem1v3wxgd82qfjp0r8afjj0jcqr933rf01hbe11nkn83212cv0a32vzhnb8hb9sz8wnd074m5rnb3tzkyx131hrgepnfbqrpjnp7e84d8w7tvgc0gv4r1357kc947jp4m71w3ehkyynazbk093vd3dypxjje2cahh4w2d1rfjce47wf6e3v3dswnd616gc9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k6dhqbxb6v59cjjj99cxqka5dfketejnbp82tvqratvhpven6tq7nm7nyxtgfkrd2915rqc9axsfq7skzz5z2gvz2rd7094t5s2jsafq4k4xbht2cftcmbd3hwmh84ccx55sv31mf0k7v1vpcy9481rz32jfer5tmw4bptn5463nj6fy3mffhhzvs2rxkp707tb67j60gxk6r1qqj2q857e7az0c9ykjexnakt54ea9shyy715dsem1v3wxgd82qfjp0r8afjj0jcqr933rf01hbe11nkn83212cv0a32vzhnb8hb9sz8wnd074m5rnb3tzkyx131hrgepnfbqrpjnp7e84d8w7tvgc0gv4r1357kc947jp4m71w3ehkyynazbk093vd3dypxjje2cahh4w2d1rfjce47wf6e3v3dswnd616gc9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
883051
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 06 Apr 2022 16:25:11 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6fd017a56bdb59c5-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame F1EF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k6dhqbxb6v59cjjj99cxqka5dfketejnbp82tvqratvhpven6tq7nm7nyxtgfkrd2915rqc9axsfq7skzz5z2gvz2rd7094t5s2jsafq4k4xbht2cftcmbd3hwmh84ccx55sv31mf0k7v1vpcy9481rz32jfer5tmw4bptn5463nj6fy3mffhhzvs2rxkp707tb67j60gxk6r1qqj2q857e7az0c9ykjexnakt54ea9shyy715dsem1v3wxgd82qfjp0r8afjj0jcqr933rf01hbe11nkn83212cv0a32vzhnb8hb9sz8wnd074m5rnb3tzkyx131hrgepnfbqrpjnp7e84d8w7tvgc0gv4r1357kc947jp4m71w3ehkyynazbk093vd3dypxjje2cahh4w2d1rfjce47wf6e3v3dswnd616gc9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date
Sat, 16 Apr 2022 21:42:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35469
x-guploader-uploadid
ADPycdsjbbGwoClAviClI_b-RVGsj419bRsgc2aQTBcPeuotIInjk03xCTJ5ZFya9lTCf2IXRkywzizAjOFu7NjVd8qPMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Apr 2022 11:51:07 GMT
server
cloudflare
etag
W/"6842a9524c0172027959a0f7c93f8770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wP%2FoHw7J4%2F%2BJ7GQsLwXWGGnsZkYJOl8F1WlONEnwA7h1y12ig264MLX6x9QQIjeAkq6oPrpjQZTRur7WT5uQgmcI8BYUddI4OPcMzPJbolNbekPbVF9tkPLJTNFWZjnR29dljME%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1649159467260020
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11886
cf-ray
6fd017a55f5b59cb-MXP
expires
Sat, 16 Apr 2022 11:51:33 GMT
i.match
s.tribalfusion.com/z/ Frame 492A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw...
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fd017a73def01f0-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
297
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fd017a58c3201f0-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIS5Be4wap1lw8p5Llg_LnkbGK_ZQORbJQk3cFvhVYuPu-cfCFjhhjQs-0g2ma2KvgKsnN7jnf2EnrCDaBEkF_1vxzKazw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 492A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGv56j315s2188iBsJHvJco&google_cver=1&google_push=AYg5qPJeCqMAD55O_w_2MZhbe2LEQgeM1f2b-EIWoyb8anZ3TdCg7N0yhaZrs0K_kL3CEB1Ulxaqw3DoD_mW-jLP...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1wmLSUxmTNm_U0oZXPGSPg2&google_push=AYg5qPJeCqMAD55O_w_2MZhbe2LEQgeM1f2b-EIWoyb8anZ3TdCg7N0yhaZrs0K_kL3CEB1Ulxaqw3DoD_mW-jLP3uqUE4MJHvo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1wmLSUxmTNm_U0oZXPGSPg2&google_push=AYg5qPJeCqMAD55O_w_2MZhbe2LEQgeM1f2b-EIWoyb8anZ3TdCg7N0yhaZrs0K_kL3CEB1Ulxaqw3DoD_mW-jLP3uqUE4MJHvo
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Apr 2022 21:42:42 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1wmLSUxmTNm_U0oZXPGSPg2&google_push=AYg5qPJeCqMAD55O_w_2MZhbe2LEQgeM1f2b-EIWoyb8anZ3TdCg7N0yhaZrs0K_kL3CEB1Ulxaqw3DoD_mW-jLP3uqUE4MJHvo
x-host
tde-deliveryengine-production-6ff4b889bb-jdcrq
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 492A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOC_rhXUrL8Y4S6_CY-yL6I&google_cver=1&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOC_rhXUrL8Y4S6_CY-yL6I&google_cver=1&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65PwLM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65PwLM
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKtHsAsBCvtr_j6j_Zd_9TXlWJv4TCDA3zTSX1-qtoVpU_Ht-1FcbA9kClxnjyS3v4C8CJVQRaMI_vhA0qSy14OS65PwLM
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 492A 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAzuJiQRGTRvxJzdzir14ho&google_cver=1&google_push=AYg5qPJMUcV_iyas-8K_fhdddiK38rbrQlwAOFXijdelb1S7CDs1H6x0mWT2_sZ6j07hdPLzmUbA_wOoodYI4ki0Q_ROgI3_zH8
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
skgvpmtshvk65bcq8fes3s35vnot441m
pixel
cm.g.doubleclick.net/ Frame 492A
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEPuuMmSk5YXtLOG8oe4uMIk&google_cver=1&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
0
0
pixel
cm.g.doubleclick.net/ Frame 492A
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOZ_xNx27mKCkJK_l8gM0d8&google_cver=1&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTg...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOZ_xNx27mKCkJK_l8gM0d8&google_cver=1&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01...
0
0
pixel
cm.g.doubleclick.net/ Frame 492A
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEA9AJY_v9AI2-t33bGe0pRQ&google_cver=1&google_push=AYg5qPIPKtQvshMM5nYz9Bsp-qKta7y9K5nVnRL_MdPlinu-w2Osj41qeOsd6YbrXd4OAcNnxaBgsE-QEsKt3ljvHR3N2jJy-0w
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&mn_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIPKtQvshMM5nYz9Bsp-qKta7y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&mn_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIPKtQvshMM5nYz9Bsp-qKta7y9K5nVnRL_MdPlinu-w2Osj41qeOsd6YbrXd4OAcNnxaBgsE-QEsKt3ljvHR3N2jJy-0w&gdpr=&gdpr_consent=
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:42 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&mn_hm=MjkzMTQ2OTYyODg5MDA5NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIPKtQvshMM5nYz9Bsp-qKta7y9K5nVnRL_MdPlinu-w2Osj41qeOsd6YbrXd4OAcNnxaBgsE-QEsKt3ljvHR3N2jJy-0w&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 16 Apr 2022 21:42:42 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 492A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItW4F-COCnK_aRdZP15A4TQ6UguzSmZJ0M7u6ahKo3jOejzcu899luzMpD_dn1uhVHeG2e
Requested by
Host: 7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
URL: https://7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame 6B2C 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6B2C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAycK-NHYs_-xB07hph3x4I&google_cver=1&google_push=AYg5qPKo6b5-iICotkHKE84jkZGBavnZ3nVqZLnBlpdVnpVNyyxA3fmDg7JceL0gjpd6eeJiRNTLGnUhQ92ZzXmRGgkuidyFutcU
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU2MzQ0MjU0ODQ4OTY4MzkxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAycK-NHYs_-xB07hph3x4I&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAycK-NHYs_-xB07hph3x4I&google_cver=1
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAycK-NHYs_-xB07hph3x4I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B2C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEKLaXcidHMB9Pk-pwCbMfY&google_cver=1&google_push=AYg5qPIjtcfSRuJDfMdPGg4xCIVHuDdfTZBa3NYpQTguhwvIv3d_2bs_UQ4bJf5JJL934txbKO6V9K9gW9DEcU7Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIjtcfSRuJDfMdPGg4xCIVHuDdfTZBa3NYpQTguhwvIv3d_2bs_UQ4bJf5JJL934txbKO6V9K9gW9DEcU7QE5oZbDvcGmU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIjtcfSRuJDfMdPGg4xCIVHuDdfTZBa3NYpQTguhwvIv3d_2bs_UQ4bJf5JJL934txbKO6V9K9gW9DEcU7QE5oZbDvcGmU
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 16 Apr 2022 21:42:43 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x52 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIjtcfSRuJDfMdPGg4xCIVHuDdfTZBa3NYpQTguhwvIv3d_2bs_UQ4bJf5JJL934txbKO6V9K9gW9DEcU7QE5oZbDvcGmU
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 16 Apr 2022 21:42:42 GMT
i.match
s.tribalfusion.com/z/ Frame 6B2C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo...
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fd017a73df001f0-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
426
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fd017a58c3301f0-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJxpRDJj-gjmWKgI3v2sLg&google_cver=1&google_push=AYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIql3YqkvKA3tFkk6Aaq0DeqiuvSVL9rj4sWZBZwS-MxT4Fb3shkkRQ_vy7yM_hgWOZttFL49-rUoHdBYWE5B745sW3tzo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B2C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBtXz9J7PULUwgc-A4Vw51k&google_push=AYg5qPIZTQVyTlqcZeDpnfbPIW549TnyEkGBjl2JKAXPwaeEZV_NN3iOV3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBtXz9J7PULUwgc-A4Vw51k&google_push=AYg5qPIZTQVyTlqcZeDpnfbPIW549TnyEkGBjl2JKAXPwaeEZV_NN3iOV3iQHbE2FsZfCfQ1NP1WJDoL0-M0xLKmipn1MXs5OQ8
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1650145363.828733,VS0,VE89
x-served-by
cache-hhn4070-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBtXz9J7PULUwgc-A4Vw51k&google_push=AYg5qPIZTQVyTlqcZeDpnfbPIW549TnyEkGBjl2JKAXPwaeEZV_NN3iOV3iQHbE2FsZfCfQ1NP1WJDoL0-M0xLKmipn1MXs5OQ8
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
dot.gif
s0.2mdn.net/ Frame 6B2C 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEIiR_P3UgdE11wqJJlIFF5U&google_cver=1&google_push=AYg5qPL4h0uX3HiRjjrNITE9DHfMzanWMk_bIlaLthnLb_5J01YH-THQLkr35MaIHhup16fUH617ncnDabZ-MQIolIvyzFPfQ49L
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Apr 2022 21:42:42 GMT
pixel
cm.g.doubleclick.net/ Frame 6B2C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=COFQC1wbRqqf0UwquMUlwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=COFQC1wbRqqf0UwquMUlwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpFxwR_I_gqu_7arZY6rFA1pQw4AXaT-DKsHMxKl_3t_30r2aCBG2HI83IghPgq1pI9JBoh4ni1iKCbzoWoE_lBHDg2ZiF
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=COFQC1wbRqqf0UwquMUlwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpFxwR_I_gqu_7arZY6rFA1pQw4AXaT-DKsHMxKl_3t_30r2aCBG2HI83IghPgq1pI9JBoh4ni1iKCbzoWoE_lBHDg2ZiF
date
Sat, 16 Apr 2022 21:42:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 6B2C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPZwgE5nY6Pm-OyyXIhhBk0r-FW7gUQzbgJEP1dh6z_tomqQGsVJ3fhaht-JigluiLlBmF
Requested by
Host: 73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
URL: https://73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 5FDE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36ee31f962e951741ba0010cd12e156c417c8b53f9506ae63afb5e93d13744bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 6A0C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=3951357139723597&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
truncated
/ Frame 38D3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee748afbc8c3c439eccc4592e71ec54c04594fd50a3ed67316b509ab631b6f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 920D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uT2WRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 8AAC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 09:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 09:47:16 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 54E0 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11647677
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWA4ym8oe4%2BFQvjpdwHjwGa9oCycVLDDJ0KXFlS99%2BKyjlFgP10VbPSn8Vht4kGQbRLfq5qO%2F67m82YqcKt5JQ5Eo1Vhi7WQju0n3ZL2kZFYBLIxayvxs6waE9S7vTb3IlFqDz1viEoY%2FoyqdEO%2BoRla"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6fd017a68dcc3761-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame 1779 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
934573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
6fd017a64d9d59c5-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 16 Apr 2022 21:42:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 16 Apr 2022 22:42:42 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLc0EEthdiyLnZ2CMzOcyyL3aoiIVBTzNrFE4x6BLgYBHMetZ1VSXpx6L7Gzq7Fz%2BCrhMZD50ZmiyQ0Imtfxu5gnwWuxLSq4WE3DPXxdzX6n1jsODb0Ly9%2F2M55RrHBD9LUEqlg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
generate_204
tpc.googlesyndication.com/ Frame 7AE5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?f_nx7g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F1EF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11647677
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrZxQWci1kyr2Zrv8URiZ7ISjmw3k%2FB7jhzPPYwNUReQFQCMySaeA0FR%2BgWHqkag7EAJv0KwlIFX%2BSwzR1FmtsMj2BJqE6aIBjz2Tn3HpA2jDimTBWa8LkySmELZf%2Bl53eEHCjpwjpFObvVteijrxFXT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6fd017a69ddb3761-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame B7CA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
934573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
6fd017a67ded59c5-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 16 Apr 2022 21:42:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 16 Apr 2022 22:42:42 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unXs4EQVFft%2Bs8Yt2WnrcBOxglro39m06Mf1s2u1BvXX5MuWZuJzWoOvKMzuKsoLxKtp9dqfG37te4ZgdJqPQ2pEN1yCfsnAgkmByjgObqnuXNZ6GadQ2EOy6eMIz2T0dRl3R2c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
rs
ad4m.at/ Frame 54E0 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3e93836a22a8cf809b29928623d540c5847381492a58727f0cb863889cf0c3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6fd017a7fc9d59fb-MXP
date
Sat, 16 Apr 2022 21:42:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTVm2HIXR7BdLt%2F0%2FaiMQljQE1fVvgsOvyZYLCiKJDebH%2B6%2FHQNjv2ztfr7EnrJGeiNAp0xDzsQG2C6aUfC%2B3n5AyNWIfsZ5V1vSydODu3UFS%2FhyAp%2BQM2HX11KQdHk36NV9BkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-395g
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fd017a79b7059fb-MXP
content-length
24
content-type
text/plain
date
Sat, 16 Apr 2022 21:42:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVC4cohTdRRassMiycInT9dZTXvZvL495mQfN7rhowJAuFtGborOkQWuH7%2F266h0Q1QSswEwoj9AxWrIbbPkwibVPPseqZEuC7NIbjq4YXIOysJV7oHa5JsYIEOUP6qo5vdNNd0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-395g
rs
ad4m.at/ Frame F1EF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e48ed642d90136a7944773eeb5f62fef67e2874f87376d380a3d91d35a9b4ca

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6fd017a7fcaf59fb-MXP
date
Sat, 16 Apr 2022 21:42:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkZUwj8KbyrC9kGBVUKntoTxO9sWScaSxBy2FSPPslR6rEpk%2FaBWyvcEErardMdi6%2BMEZoP4gvbOqFes7qbs%2Bls0%2FggeVRzJbPr90ZedHcyZT0TWY63fl9nIjnmMlTpe9tfYixM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-395g
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fd017a79b6d59fb-MXP
content-length
24
content-type
text/plain
date
Sat, 16 Apr 2022 21:42:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UauhOCjl3QXo77TpPassTw4aTEulRT6zTnE1h5OJOOEPKDkp5IR5PHyFuS5xoF36nNdzNwrjtxJhEFdYnUiSecEeYZAA2m2519DJLDsXkhlwxLxy298M8vaBqMPXTjwYlMXt88%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-395g
generate_204
tpc.googlesyndication.com/ Frame 8AAC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?desDJA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ats.js
ats.rlcdn.com/ Frame 53D9 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49038
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
nIxMDxCzBJa2AHDa29CGVKWQzr-KU73R0OuipYt-kgffiYBm4MaqSg==
ats.js
ats.rlcdn.com/ Frame 08DC 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49038
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
-Ojm3quuQme8q8GGzw7wltkxA2sX7ICgs0S98JMILc8EgJDIEgjaug==
rar
as.ad4m.at/ad/ Frame 9332 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf368d3fbf5245e5a8f771e7df972c0e076a0a55cb52ebaa2deeb4c852ee559
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hr6v59r6gg7j4kgyqm0z1scscpvtp0xf9qsy33wdevg4nba9kex0nbmd3j6w6f8sw64b51hmjv0by0vrwvfxj7shffk685fxjcmbfw9edzr2f2q096t5ne4hf56gfpxj8p0jpd3pav5x7ka91270dhhh5ar6fgb7555zsnvg75t5ch2k5w5pqetdqhfredagpqm94thes7mfh0p1zn6514mhdfsm0ngaz2prs28dngptne102pwexktdrdndpkv8jfx61g8vey1rynyv6fbz89pw9a4h2xxba6daqfrjj4r1qvhphfbzkdm945btck54r7vv41mvaw2bk7tgj4zp04fk71pedeqnqjyf24nhn2wzf7mbe4n2kds11jna36r6xxcqv0g6eg3vdyhg33vycmzr4ywkbzn5v9019mzdrxg3yw848x0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fd017a8693159c5-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 707D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a008d5a4fea7f3a1e7dddd233a652e98807c595faf41fd60958b3151188ab060
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k6dhqbxb6v59cjjj99cxqka5dfketejnbp82tvqratvhpven6tq7nm7nyxtgfkrd2915rqc9axsfq7skzz5z2gvz2rd7094t5s2jsafq4k4xbht2cftcmbd3hwmh84ccx55sv31mf0k7v1vpcy9481rz32jfer5tmw4bptn5463nj6fy3mffhhzvs2rxkp707tb67j60gxk6r1qqj2q857e7az0c9ykjexnakt54ea9shyy715dsem1v3wxgd82qfjp0r8afjj0jcqr933rf01hbe11nkn83212cv0a32vzhnb8hb9sz8wnd074m5rnb3tzkyx131hrgepnfbqrpjnp7e84d8w7tvgc0gv4r1357kc947jp4m71w3ehkyynazbk093vd3dypxjje2cahh4w2d1rfjce47wf6e3v3dswnd616gc9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fd017a899a259c5-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 9332 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
883052
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 06 Apr 2022 16:25:11 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6fd017a91a9f59c5-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9332 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230722
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtEN5BLso_pYq9sWvdXvo3kNoMcEnVBWSjkx4P4RyMSkNOYbidAswbSjObgZTW-DoAkzw-0BYkT95l4-MgF5CUlvzdhSToN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFwy%2BYt9x9G%2Fsnn5CrC1C%2FM%2F2yyNC2%2BDL0fdkzly5Cd7ZGkEARnv4ZCJn5rmiECxQQcKUzIj0MVfnmyPZ8E%2BLb64S8PxbOnv%2BaLirt8ihdf0AoNMEnQcyeWBzH5TxTDH9j0pxrFCWwPSbVDn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6fd017a9291c59cb-MXP
cf-bgj
imgq:85,h2pri
94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
assets.ad4m.at/product_image/ Frame 9332 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=Wi8YDA==, md5=y9zKcIdRhNFPsyrXXLJEgg==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
232927
cf-polished
qual=85, origFmt=jpeg, origSize=57873
x-guploader-uploadid
ADPycdvOrX7dc-8UF0XXCNay2SEK5-6lWBqxh1HmhXUNbmOhJFrTU35Te5QUod4PITX4GwYsYGGy4Glt5ywZpdqB01sD3B6fFx6G
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10528
last-modified
Tue, 19 Oct 2021 12:57:42 GMT
server
cloudflare
etag
"cbdcca70875184d14fb32ad75cb24482"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAlwBcTUIu9Cow%2BNYSUmbA25GL47OpeSTCAw1hrl5v%2BMRspemAIifSYVbQcviGivwyGwUU1EawJsXco46ExEgUc4T6jRoZrlwRzgXV4hGwYG6RNw6%2BwCtsSdlh8hpKn5PwM8fv5%2Bw0Y09b6j"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634648262044462
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
57873
accept-ranges
bytes
cf-ray
6fd017a9292459cb-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 9332
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F...
49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:43 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
date
Sat, 16 Apr 2022 21:42:43 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 9332 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
233651
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdvC2InmMh-zrAR50ZZj4GRb4PITbs3t0e--z8vzdk_8NM4gnF__p5aencKUwD_dZ926qCAcK4U8oxQMKBAAr6ZtqgXO--3m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZpgkLqz3UnJg333hhtOwq%2BmiOyb63XAvDCkcXNhiTshG2P6uW9jeLPhVEoZE91baDA6c3DU4%2BdYMBbgFUVKjxF08qxOGgKc4KZ%2Fm4q%2F1Bs79WwEoMQ18RqYoqh4oL708%2F5V285q2qpuhG3x"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6fd017a9292759cb-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 9332 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2177584
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdsptdp2JHMudyhma4_tRan-1sTXAWuZeU75iOPGSiSi3VWFAgWEo44SxaKV6Y1BqyBrraPCApnQwJCEnDNAE14
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELRWZoW6YiqbaSr3Kh2Frjvy2t9RS%2FsoEbnk35OHnIQ%2FiJQFTMMJeCAdUgP%2FfRj7aRC8S0XJyABGd%2BZ2uXQ700O3rEfAcRsJNPdcDEPMmQinGzlmJyBhKvjNZNYKV7QUQlTmMKIMlKVq0bWD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6fd017a9292959cb-MXP
cf-bgj
imgq:85,h2pri
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9332 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
749398
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvB00WKgx745cHqkaEv9SP2O4qOtgzTIss7hz8UjeJ5YHr-cN1aZvdY2p2ANOf3K9-3w-Gx1jlYdqTxEli2DqCgNf8OFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeIdFSSVYSBR%2FNsGb%2F32WFlq5NTzyhRQK0BfVXWdRQyQnTm6F0%2FTy9DUsNtZ6vQtIcMHnv5%2B3rZuPQY5sP4xvY6THlriAHBZWpXYSPzqWHvo03MGquZDJo0R9u2fWrfLdm9HykEfbsHRzjYR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6fd017a9292c59cb-MXP
cf-bgj
imgq:85,h2pri
363225520B23933D04404EA5147CA5B6CD63C6B1C6364D6285B2D26282895FD1DAB2D8ECCD30BF9CC53888AF94392C8FD1FA5AE54768BA93ADB9FB501497A5B2
assets.ad4m.at/product_image/ Frame 9332 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/363225520B23933D04404EA5147CA5B6CD63C6B1C6364D6285B2D26282895FD1DAB2D8ECCD30BF9CC53888AF94392C8FD1FA5AE54768BA93ADB9FB501497A5B2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d9315ad819dbec6c644cdc7198c5e19bf01e8a5a5e90be0796cfc3b0ee57ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=hsimQA==, md5=fnIXuaYIHhnY2M4TiaL6XQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231518
cf-polished
qual=85, origFmt=jpeg, origSize=119409
x-guploader-uploadid
ADPycdvMjrSzfYdey1asp537toRl5RkbLKRu3hPq5DADLQDyCVRI220u-tPFTYeb6fhCQM3SHtG7kMltIiiMcKMOE9xdeaSZniVa
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16388
last-modified
Fri, 18 Mar 2022 16:12:41 GMT
server
cloudflare
etag
"7e7217b9a6081e19d8d8ce1389a2fa5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJaaRr6nb0lQ4yTV3ohrXh1FcfXT1ARKfUxkMfmAiJ9hfxpmS9DcnIZ5qamoMAuYK4uK8pB7ElmKQvAhnEbfciRBxB%2FjQB2j%2FTdsLOgwX%2FuVyoUKA75aLP0Ci06ocEE3FDpxqZXHCU0JDZx4"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647619960937474
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
119409
accept-ranges
bytes
cf-ray
6fd017a9292d59cb-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 9332
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197673X117663V1225131106MSoneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197673X117663V1225131106MSoneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:43 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197673X117663V1225131106MSoneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth
date
Sat, 16 Apr 2022 21:42:43 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 707D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
883052
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 06 Apr 2022 16:25:11 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6fd017a92ac159c5-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 707D 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230722
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtEN5BLso_pYq9sWvdXvo3kNoMcEnVBWSjkx4P4RyMSkNOYbidAswbSjObgZTW-DoAkzw-0BYkT95l4-MgF5CUlvzdhSToN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLpGYbtb1QgBegXNKkSGkZiJem1YDeDdkQoZikiq93nmEuv5RVZxyXxtZth%2BYhEi3fWmYj4D03asmRs%2B%2BNCTVLv4fnb9tQE3GzYwAs38LamaVOFmsTwiHOeYIbnGeshVL8W6r28pFiJY1W7N"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6fd017a9291b59cb-MXP
cf-bgj
imgq:85,h2pri
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 707D 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254386
cf-polished
qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid
ADPycds62x1E-io21q1rdQIuHZ2XxzXmealv8cHk4DA0-_aJZC-thlytvvWnTWsZaXvPMZl5noaEzS5wM3wvlbDWC2VSosy_sLkL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZK4qV2cqO%2BBtPLkNzNf3Nqa2C7ciJ0%2FGrOOIC9PC%2BJ6Xa7pUzvuNOTy1l%2BbVbRCjLlunAIv9LiyS0A64%2BQjIRZWfxGPYDwPWwymGPM3VVK4uNUUAxnJQjBEP0ncKHQLZ%2BMzj1eWztz4qq7B4"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639072283176296
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
132437
accept-ranges
bytes
cf-ray
6fd017a9394c59cb-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 707D
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMX...
49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:43 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022041623424367222197677X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
date
Sat, 16 Apr 2022 21:42:43 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 707D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
233651
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdvC2InmMh-zrAR50ZZj4GRb4PITbs3t0e--z8vzdk_8NM4gnF__p5aencKUwD_dZ926qCAcK4U8oxQMKBAAr6ZtqgXO--3m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yNOXTg9y4VNvfC23dmeShlFNoT%2BH9kyzDyz2ayuWzafiS7xnAoFTT3%2BUFcmG7KhRoUtmNhP7K5FL0ZAsM6O20J8CI%2BQdsvenHpF5fuPCmv3pbX9AMn6IYweV6Igfm1qSu25acQ1Y2G1tUL%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6fd017a9395259cb-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 707D 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2177584
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdsptdp2JHMudyhma4_tRan-1sTXAWuZeU75iOPGSiSi3VWFAgWEo44SxaKV6Y1BqyBrraPCApnQwJCEnDNAE14
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dv7E%2FLiaH2WXwcOac4g9lPOvVHxcYMdvDYQXLbnCW3gmqb1%2Bdpoj5Suc67aIwVeB9vx6rASCcXEvBnw2qdwzOH62zYnhs6yFi%2BIR9V0A4c%2FaLAJ%2FQDCd9xanQDrng6%2B%2FBVeHCogeeQ5o7pEU"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6fd017a9395659cb-MXP
cf-bgj
imgq:85,h2pri
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 707D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
749398
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvB00WKgx745cHqkaEv9SP2O4qOtgzTIss7hz8UjeJ5YHr-cN1aZvdY2p2ANOf3K9-3w-Gx1jlYdqTxEli2DqCgNf8OFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymc9wOdw0a94swK3iNHJiZaoW1bACrf3DqGbNjtbnuYQyIaBhmdI8UwaMPYO8mkPhE%2Bs4wvCvFlTQzUT3EIqlX1THPn0BTFFE1E%2FWlfpwFgO1CL8tuJngHPTK39a6PTZzkUZSmSSruEPtJwy"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6fd017a9497559cb-MXP
cf-bgj
imgq:85,h2pri
363225520B23933D04404EA5147CA5B6CD63C6B1C6364D6285B2D26282895FD1DAB2D8ECCD30BF9CC53888AF94392C8FD1FA5AE54768BA93ADB9FB501497A5B2
assets.ad4m.at/product_image/ Frame 707D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/363225520B23933D04404EA5147CA5B6CD63C6B1C6364D6285B2D26282895FD1DAB2D8ECCD30BF9CC53888AF94392C8FD1FA5AE54768BA93ADB9FB501497A5B2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d9315ad819dbec6c644cdc7198c5e19bf01e8a5a5e90be0796cfc3b0ee57ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=hsimQA==, md5=fnIXuaYIHhnY2M4TiaL6XQ==
date
Sat, 16 Apr 2022 21:42:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231518
cf-polished
qual=85, origFmt=jpeg, origSize=119409
x-guploader-uploadid
ADPycdvMjrSzfYdey1asp537toRl5RkbLKRu3hPq5DADLQDyCVRI220u-tPFTYeb6fhCQM3SHtG7kMltIiiMcKMOE9xdeaSZniVa
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16388
last-modified
Fri, 18 Mar 2022 16:12:41 GMT
server
cloudflare
etag
"7e7217b9a6081e19d8d8ce1389a2fa5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1yNASJJLv5vna5mPy352IiHon0rnCUoHopaMIlBorWNEXt56QjdhCPn3wvTSOyZ0CKfmLMK0wytTsKW7aoD%2BD96pahmBvdfhaLiN5hRmcRfNCB5Xp8LGzXfkkkHBkKrNqAa4i2OwiveWrmR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647619960937474
content-type
image/webp
expires
Sun, 17 Apr 2022 21:42:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
119409
accept-ranges
bytes
cf-ray
6fd017a9497759cb-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 707D
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&g...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197675X117663V1225131106MSoneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXb...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197675X117663V1225131106MSoneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:43 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022041623424367222197675X117663V1225131106MSoneidApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush
date
Sat, 16 Apr 2022 21:42:43 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
49038
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sat, 16 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
f9Qh9d4yHj1IysksA-uNW8_hTKOLvyurSJV4SzFixV1VY6KLvYEc3w==
bid
ap.lijit.com/rtb/ 		94 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
f1271a86d6ea47ee59ce088a27e45eba9fe5ebac4fa2cc0fe5217aa36d82229b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 16 Apr 2022 21:42:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969da301757594a0c49518afc10016&pos=8a9695e3017777b66e76bc36403401e5&cmd=bid&secure=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
524cdd44fe975bed617fc400745293b1d4fb0b39350fbbcc1a5e6ec5dfe10dc5

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		94 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2263a93b32eec12d%22%3A%225ada8bc6024f756e9ec4%7C300x250%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&s=8cdbdca1-1f80-4b13-898e-edeb1d9ebea4&pv=766667ca-4b62-4de6-a209-8a7b9a1c8173&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
05a7ed107baa434bf854403602197874b7ea5c72052c23bae91be43c350396e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:43 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2c629f3b623d16fb8a2a2b8867293e50798faf2032da7c75d3570eb684dcb9cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:43 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
672145e9-6bee-4298-bbd3-db8f6a753032
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=359592&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229b721ac488a614%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210797705d2dbd5d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
777a9a14ed6810e65a978e54dffce150d41237cb42b645580fd45d324194c39c

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.68], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 16 Apr 2022 21:42:43 GMT
link.html
track.webgains.com/ Frame 9332 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k2q3v8a8qkft9qke1by941q88bsn5eknkdera5b3emwk4h9baa6gncg1mhf1syqzznzdf29av6qjce801744yqqf2ydq98y7h7vxey7bg6p7vjfbzdb5pcmtqberat1gxjty3bqx1ks3webhxhfp8b4h8berrjpr397v1se3y6t6f87nnrye0dqwbvvzf5p9bd25308ca2r3x04kqfvp815pkpya8vxccdckmw3473fh7pepawrhv4rspn7tvdhk4nmvpj38rspvp42d6gcx6bgzsyp80p34shmgn49darxg2xsnjryr7bp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
556ce1343a0e27d3aa7cffc8b7c8ba6112a462866ef9ae94a93eca803676717d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:43 GMT
Last-Modified
Sat, 16 Apr 2022 21:42:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1462
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 707D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hb630e8gvezwxjhew0g6566j6t07geb99mmwvt3qb3v41yj9cznh0p9rqfjgxa9bttf3a4zp6gr88xfzpjxnww7mrhmmvmnpb6adh61qn9q60q171pyx1gpefjza80mm3djmjmnb4qagvqrv3vfc5z76gxcj7gt8ywcvcwbb5v8jvhtc0egss79585wjfxvtcp5pfgga6wzgf2p0k7zza0ky6d4w1fg3s3wbj19k7tx3r57c5p4sbngfz9h2y4acm5kmgk4tg6cx74tm5cpc4mmfr929854vs0p5g414ssfp8rmpvwge7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
528b92d15890f91b9c9a71c7721881bd47cfaac3656447005ef3f012507cbd08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:43 GMT
Last-Modified
Sat, 16 Apr 2022 21:42:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1468
Expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=7743&ntv_r2=8080&ntv_r3=8370&ntv_r4=8581&ntv_pl=1102376&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.116.163 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-116-163.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:43 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 53D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=52108502604653&bg=!lZalltLNAAZvJBiFTyQ7ACkAdvg8WgLVolWVlTTp3-j6iewY2B8u6GahHjIkIi8qW3ih92ov-SLbewIAAAGpUgAAAANoAQcKALZqeZfUnkLol-vW35GNNUWE1ijDyODLNtSq5H-1fZLjqq60uy1rkVq25Gq0Drw7hl_DaNNAMsppaFnXe1ZaMG62m40L8wLKyNLPaN1g8WXFvULubiDsa1ggfP4ltjrAsHxjdlLCuDd4jSrQSOMaq7fnwzMkRX6ybzkSBP0Shq1YO_1C1olkGTe2gK7dCx9cD0NV-fCAidrDxFgUrMlOTLM7Ud6pQm9eBOtVVI2MGDoJIXdip4IejJkCynSSo-j66HKvcxA0GFbvzYBB52F6WOMOB9n1IjseSqgXL14aynLvgfZYde5jF2mkkC8jqTxw-mZf1Rt4_Z7hfRUEl9WsqGKJlmsioNZ-qSGt8JdfyoejHiltDFrBakc38P4O2KTUnaeab1EXgrowp6SIeL7cMQ8y2K_ygKP0jDxkaOY9HkRdAMV0XlrKAZdX6XQgoLFSBBW2nul5ibwOvftPzeVJNYiNxEmLanhhOmDWMWeZQ7APPJSydBfXO63N7yOhvwMgAqAKsFdMJT68287k-w2Jnf6VxeVPc5jMaAy-1Apy-NBSrVb19rGHkHLq5wpla-35Qzk5CnQSIqanSOo94fghI4ma9nUS4doCFfaAA2BRV9ZksS2QpsTE2RYvkt6HAgt2hywbUre4o8FlBjQr8bvRxI_05t2_UWav3e_q8TI6rri5z4B4S4t4o0RWnlHGOVoQtKM96pfAo7BMpzfflLBgucPG3XYiLPRwJof3ckjP0IhD3RajVRhCcgDulvg4F-0bWBfwUogK-X3qeKFgOhlryzDdNsJGNOplh8qmLn1Q-NWehSWooiGbczQ-9YD9EIFID2lScSIeLX7KSO8QILQWpjI7zTMPZ3JjFKFYXxh5tOlbIMf_ZCHCNOkBPvn-eEvnYLXJMLIrOCIvMGm8acut5GUUcizhxkE4cHTsgKMn7u6yAwm5meazi_LVguEQeVE_EL0Bn723ZK6DxOhdo3KyReqKIrDWnjUaZAggRds8wsc5XmXJfPALNzhlyogm42oGNGL79viOu3o7gEGGHqIcVAQq-dk3bK6ANkTzHHqh-e7EYUFARcoC1IWXzDqJ8pQhmyf8q_kG7DLF65VMEDOuwjnzQYOWD1PPmdeCGq8WOPKVZQHoU3BcqAJLoURGKadUhBZy5PS6W9QHISzRiMSm3J-Wr-ma2aJDEqGQ0cMsuwrT37IwFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 08DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=3721424857747395&bg=!WFulWx_NAAZvJBiFTyQ7ACkAdvg8WknY5u5-ojWTJVgLeBAjLV4uw4qJWw9b6qAd-8uv1RO2s-0ZPAIAAAIQUgAAAAJoAQcKADuHGw9EQ0iM8t5rFwHXVtMLA2UrZYfGzgpQnrIbCG6PndUcxqVioQuUl6luo6_MQOr68YnrOrUHdql4zpkCwb4DBlqkhlkMfSjXYZYGRomkGYATZr781vg61R6NOGWIHDMCW7Sl8orBH3JO-zsONq1Vn1wfk4vCNVkTUIDtqM1jeA6QuZOfFkfwFnkcUjCPXyshrVS1zsU2nLvo9sWeXMST5l8nybcwBhb0o8WpC34XymN3M-eatDJi_k4UEGfu4mUgNzSM_nnBzD0bXE1yFJnwPgYNyFbEP-ZXcFCWc7UUd9DPMwpP-IBEWqXtcYKOaH-rfho0H1jzHhvCCI1_i8vKZMuwhMiaO-DclH3T9miiFX4a1pRF-7KNUkZeVUp0sZY6iR771paoOeqJ_YMXj-tl-qGqYSH_fmshxo8eO79ynNi7--KNWVw_XZOvDubu3vnNyJ-oJ5Hio67sOpiZLmNgL9iF-IF7dGCwJaubjoQ7qlYN36U7FqWxp_mkfSw1LbTWEaK7uXtmkvRFY2VTCdRCZttgvKesY6Dibz0Pr_tsSZqcizjTbgAfVc5FMaNtdY8ahQ-MJda1N-nRmngnHpQO5pHFU5M2z1DPGhNVcrfo1NjeZqi20yWFlG3et6gOqwafoWKcgd0msILy5pXHoqtN6BghksxWOS8N0V5eDl_snn5VOWW29vLE1nuEClJNEPWV7sgOE3oLjRP4_UtmUsUQU0t4TSV4YIvfybm97kUJDZL7ZxEU61kEUycd7YQTkWnEbABVLs-iJvQIYS2YnQ2ZqlqPgHjYFqAMqdvh1j7zPLSN2gEfZxzDoQdylLTHEoy6ELOq8TdQR_vf-kxKCimKvWg1_vVAazAC61gYvQUIrrk-PgtBAHSXIGGwMEKJjAZvSLDh5eiThlW9UMqzCUq3NEPf9bm1JRhN0RYADacGpbCwEvskdDh0s9bEd_TFa539obQ3DXiqK1gkf3XDPoKPScyMggEIldSJBKei4Wtk3RegxcyDKxQFrJSJ-f6BXA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rid
match.adsrvr.org/track/ Frame 53D9 		108 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
1dcf3ac62434f23cfcec4f963a3c3c75f7f8b2ff6f061dfac19c8822e2d2ad25

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 16 May 2022 21:42:43 GMT
rid
match.adsrvr.org/track/ Frame 08DC 		108 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
1dcf3ac62434f23cfcec4f963a3c3c75f7f8b2ff6f061dfac19c8822e2d2ad25

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 16 May 2022 21:42:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=3951357139723597&bg=!xsWlxYHNAAZvJBiFTyQ7ACkAdvg8WjzwkhmraxM1ug5KV46DWfpV7MW4lImNHv1HBVjf--fHU1CnoQIAAAEBUgAAAAFoAQcKAIl6mxip0Marm7XV64ZKWkzlPFNpTwU38o2tvPoftUH1RYwMKm2Ta7jvZbAhIagC06N9QxswXuly-Dkx6ZwIiRQVYxGlGMWYar3wE8cWE7ER3lRwGhOtSpQ24Nm75bksRIKlCULpP4OqiLtjunWh-vmn-Hg3_IaAWkgflpBu8sOnx2c0YoHzQbdNUpkCoRnHh4_u9Lg44gHOadeASpw66132Zd8cVPMul3kKqRXaxCTiFDA_PplwfZzUvj59cLSD6fz2_bh4MMW8i4aZM3wzhTH5Heh-USZA1OIjpUeFTW3Gv72s7ZGvoHC9_R-U0tlUqaazpZEEP3-9m62KFtQ5LgRn4V-xzCq7JBQ0nR1pYdBnBdgoTdg230tMSn5VkMF5NeR1oFq9s7LDYfmZMDGY4qa2zn7K_2qp-ZJD9ih3fH20k75ZnyHZDxlNIon_2RQeFCIJqlaPK0tDZVH48LrVT2TaaAoXylprjdQ86lqDD9Y0j90tBq_wFxYYzAf9fTLXCN5Y93CRlQjgrOwNyyQOq4FZxInKWDTsCMCK0A_4Z-tQGUXJ6c5Zf6Sobk7rn8Pf9FazFEqCLQ4hp_ao4iZf4fLw06cBsWSkTRQOFfJm4zjC9JQJAB3rE6SQjM8-q4vmzh1iTIU4mCJ6syR3Y7s9lTHNxt0iESXZ7twEKf3Nh3WeQpUJOGcPi1wLmWANyilOANAgkCV5GO6UtoAemPdIpYIJUGjTvAoJfV0RjpT_R9itx-z0wDS7yPnoZCJtlTJ92u6bxRjbQt9bOmfwPAclIK9-_kWRnRYYRqwGuuUOFpaccVSQis8C5phqRESEL7WbJSjd2eI_qnQHTudoxR0oyIyhJr3MbVPGx-rR6qUk0yllgtVhwxR5_s97E24OTsiVoP4bQ3lhlANOiGFghp0PUYHrBu5EGxmcQHb8ssQiwq_i8bP8vfYJQrkV96IdNSQusYM6nEG1sdaV6D9dH-8T4YXlxIe9REG4nhwev_KDVGp8kRA9e2xqnaBYo3yNJogGlFagmnPWkMfrTKUq4fptY9Br0i6ONs5M8wZKwoXZh5ehSw-Iz4DgYvlDSMs-E0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
pvClk.min.js
analytics.webgains.io/ Frame 9332 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k2q3v8a8qkft9qke1by941q88bsn5eknkdera5b3emwk4h9baa6gncg1mhf1syqzznzdf29av6qjce801744yqqf2ydq98y7h7vxey7bg6p7vjfbzdb5pcmtqberat1gxjty3bqx1ks3webhxhfp8b4h8berrjpr397v1se3y6t6f87nnrye0dqwbvvzf5p9bd25308ca2r3x04kqfvp815pkpya8vxccdckmw3473fh7pepawrhv4rspn7tvdhk4nmvpj38rspvp42d6gcx6bgzsyp80p34shmgn49darxg2xsnjryr7bp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
59950
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 16 Apr 2022 05:03:34 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
52083
x-amz-cf-id
J1wF0UPHw3n85HkTE4xslL4mL_FDgIfzssvISX8JEVPtkifGdzwVhw==
link.html
track.webgains.com/ Frame 9332 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuid0CHPBkCt9KGB00herJ4RsqJpMoFBmAOuasuid__suite_Netmix_Reach43_TopRotaMonth&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19456%2C24673%2C183376&b=3bgFpf14UB6QC7HrHAtEt997f8TWTRead%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2Cz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSW&f=WrpSrfYdsYJxSYH5HjtDCXXGaPTET4QF2%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C8QjCDfM8FRmYqSgHJHEtqCkk2UPTwT1MUk&c=728&d=90&e=dQia-2F6JaY4Wi8CWk9mJW86Fh73vssw&g=d2bd883441928ca536f3422781000d1b%2F12949471488947941256&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1650145363220&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktk789ynvd7q95e8jbwn28t7sx7y3szc401yb9q4j90wn2gh6jwbcw98gewh3vsezew0mgr4s18q78cybztkkc6vgxbm2e0442p87ekhh9j7pp6dvt1khd6htv9yzdmm04vyrsrf2ewn55f5ffm80my28eatzcw1t1zr0xm3dnf4djwxe2twpny8wwvhy58g0d47p40gm3gyppkngk2nj6c7wnpv205kxb490pyy0vzzj2bm5htcmnn3qphsz3xs268y7fcgjgy2fayasbg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMlP6UjhbYo3AEcnh3gP9qaW4C5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEngJP0Ep-91-NPMP-iCeGAeIpQ_fqYdrCcqQGQkeQOHKyNrnvP6-YQ9jAoAc4-_2U1loc4m7-wgYe0QtY2HvX5MUfihNZJeFnM2m7KIf5TPu2LXwtTUVcAlFKiMOH4yVG0WPnEFxjrLQA_1Isr4hwWuYRao9JMvi3k2v7zNgtFhMY-aSxELsDE1e6EA8dxvby6Qrn8CO9yv6ub-xkv-CyQoAj0m4-eoBkTnlpqAP6st69Mw9zYBKKk74J8IPAlPf2jshlSBme379lDnvABKqWhKEyI-fqgrwgqjSvojDXyCGaFebvlDB9OkcVpyNZEHLOBi6ak_KKgff55VvWuBKI3XVArKtJnRdQdDzBL5M1-yuA08LGUTiyBwtBESSGj93n4AQBgAaj4ejr-ezk1_cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Uxpy81WkFOrYe-tECApRxs3JVHg%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:43 GMT
Last-Modified
Sat, 16 Apr 2022 21:42:43 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 707D 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hb630e8gvezwxjhew0g6566j6t07geb99mmwvt3qb3v41yj9cznh0p9rqfjgxa9bttf3a4zp6gr88xfzpjxnww7mrhmmvmnpb6adh61qn9q60q171pyx1gpefjza80mm3djmjmnb4qagvqrv3vfc5z76gxcj7gt8ywcvcwbb5v8jvhtc0egss79585wjfxvtcp5pfgga6wzgf2p0k7zza0ky6d4w1fg3s3wbj19k7tx3r57c5p4sbngfz9h2y4acm5kmgk4tg6cx74tm5cpc4mmfr929854vs0p5g414ssfp8rmpvwge7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidUfBoEMXbxE87mkESujHOnBQXuZXrmQq8asuid__suite_Netmix_Reach13_BlackFridayPush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
59950
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 16 Apr 2022 05:03:34 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
52083
x-amz-cf-id
CorsGnfzxD0UdgohPtiH6jUy1LjuezXldAY_3ZsyMAM_hmn-Ku-f6w==
link.html
track.webgains.com/ Frame 707D 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuid75Fd6FxIJvkgZMQXuQfvw3BQqHUipwPaasuid__suite_Netmix_Reach13_BlackFridayPush&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C183376&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CApEhYf9mu2AE5hAHRH4tktMMGs7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2CMYrCzfjQsj3YqaWHEHGtQC661t9T4T2gu3&c=300&d=250&e=UfBoEMXbxE87mkESujHOnBQXuZXrmQq8&g=13623aba4e987db84fd3add32ed4d938%2F13202819415178429925&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650145363246&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gctbn4qa1269ey4960jm250ra89ea31wmpx52brks0djqqh03wq3vkh9xdncd0fam8zh9611bwftet0s01b3qjj3t3vcrav5eacpqdbff11nwhr37whgwea8ynfkznhhhyp85ax2aggq9vy84yfq38j9ztvx4s2yeg47bs5461qhv6m2r9tmp2z90wcs31sszf7zkk4q0jnr7vp4z88v73r81ty3m2pz8cwy2qgxh8p59m6jjpxc1h3nbxme9q01gagm9a093p8cn7jv7fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWARLUjhbYuehEpu13gOS64zgB5DhgYRctqjCivACwI23ARABIABgleKwgrgHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQJf_TUn9ySyPuACAKgDAaoEowJP0LtkniWas2xug6CzgoelyRlhf0jWn6ZOBhdHXj_wkKzrltf-NhVJEtN9Jh4330KgOMT9wPvU63Eqht4u5283SMuXbC2wrV-vtssJmmzbVukON_iurz8gflU0AT6AZzLZ3JyR1NLT3OJN13SZdrQyml6cTZwYgjaBJ7D0P9oAHe8hqHoX1MXQsSuthwskXUhoqR6C5Hx2R6AGyclc93nitIX126URGjnpcENhk27u3ORVfinFfQI1BWkq_KigEGlvvcNEWHm6B8MOB70G_m-7Qt-1pfUUqXhhTs3b5bTqCkUbgM-28-7d8h1syOOW3xzzOR3WZ3GYtymIA_CgBa4MFo1KIS3nEvHlDeAj4r2gEzG3pBNMNs2m3_abnj_iYGzCIVngBAGABq20_5ik46TPIqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Ns9IfHYMi931zGXkG87NqdCCoOQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Apr 2022 21:42:43 GMT
Last-Modified
Sat, 16 Apr 2022 21:42:43 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
tracking-event
api.webgains.io/ Frame 9332 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Apr 2022 21:42:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:44 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 707D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Apr 2022 21:42:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:44 GMT
server
nginx
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3951357139723597&correlator=3646126443114473&eid=31066978&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&npa=1&iu_parts=281191609%3A5136785%2Ccityspark_oahu&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=34&adks=1413280974&sfv=1-0-38&ecs=20220416&fsapi=false&prev_scp=frstlk%3Dtrue&eri=1&cust_params=ip%3D0%26he%3D0%26fi_website%3D7470&sc=1&cookie=ID%3D93812bf541706c75%3AT%3D1650145357%3AS%3DALNI_MaOvyKbSukggtOb6fpZwRMq1FKr6A&abxe=1&dt=1650145366895&lmt=1650145366&dlt=1650145355972&idt=1818&biw=1600&bih=1200&adxs=1162&adys=3605&ucis=y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=298x-1&msz=300x-1&fws=4&ohw=298&ga_vid=2089291300.1650145357&ga_sid=1650145359&ga_hid=1433776692&ga_fc=true&btvi=18&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
25b385300a48db362249ddfe5235c5336b88a0f8181089c46c71f08bc631806c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9884
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA7A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:37 GMT
expires
Sun, 16 Apr 2023 21:42:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame EA7A 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
x36.VdYGgxOa.khm8UOcUw2ZsDnn9yDL
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 15:41:13 GMT
server
AmazonS3
age
4283
etag
W/"2e255a01fc5a7f15f75622d6026a710a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sat, 16 Apr 2022 20:31:23 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
kObmhs11HnoBC_K19_X43yTQO0wHBsSLBph6TqmviHneLtqeOkbVIA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame EA7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:27:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA7A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Apr 2022 21:42:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame EA7A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 21:35:12 GMT
l
www.google.com/ads/measurement/ Frame EA7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-eTgkzBxldKUTAbs_JhtikSGY_u2zVJ1nCB8elSXh1odIfmPWrmUd4M-oFM0kGcwcHGzi
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EA7A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 08:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Apr 2023 08:15:07 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame EA7A 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=791740
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B5vDvpi%2BthCpqZhIJ7Q9bvm107%2ByHgOUKUo6H2iacEiPvUaaR3CV1qFqo2FQUr9LEhUDOa%2Bg%2FlZbZs4PGLkhAU4mWGCmr7Dv4JhX4MhJvUqPVWySo3%2FFAn4aFEC2PyQn3TMHgSG9iwj7HQxAkq3v46j3A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fd017b69eab59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FuZ-d5kiNgnwnbgCtWbB
bc018626-2dc1-4866-888d-0139ce5cc87f
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/ Frame EA7A 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/bc018626-2dc1-4866-888d-0139ce5cc87f
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame EA7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoNKSVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSQAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwXRMTWZ0J4YBABsrm8izXr7kqAroIx6DOdRKEhml44hVTOk7pl8k4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjcxODQyNjIzNzYxNTYxMBih6Ck&sigh=IFo64HtZMx8&uach_m=[UACH]&cid=CAQSPACNIrLMBiXzoQqNx9iwxC5BG9tIe_TJpPrMWZ3QlNgKfJ_EH3AGOOkX2JRaSXebe0YmUSRWke9H3AMosRgB
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame EA7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U7-yEvKUWKwC-gGdg2ICAgAAAHDupmh9B3kcC3qIsKZOUjYQVDhbYmA_lKRWqN2CmKqGABI&wp=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.129 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:43 GMT
server
Kestrel
server-processing-duration-in-ticks
188915
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame E37D 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Requested by
Host: 3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
URL: https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abe3da6e2f2f933ca7b608f0148186cc49d7ef35a7a9319d316af489b98fd0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 21:42:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bCEuh3Dw8wNanMxe6kTwIJbhTFJmtnU06UPLJMTwUR4hfpJFluTJFB010WvQqjsJBYqayZ5Prn2_Dyw2rgQUs89HeAkT7HHMAvCFGOgUipqvVRvrN53ZfgWkSwucHmWmFJP1m1DWa1nS_KKrDGK9lPm6HF5-g-uZjLSEuOmodUSnMvoyFGL_GJ31VGvbehCVukpmqi4sy_9JT_pxoTukN2g_Pr_DuVjA3dbA7u9O4uklkKNjGt3-boCXXyeFwBxvbRpm3A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
6059807
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame EA7A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5040fd5605d96f706a060ed1ef3fd7646b4d0f358aedb2266b11f79dfdbadf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame E37D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:45 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E37D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:45 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E37D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 11 Apr 2023 21:42:45 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame E37D 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 11 Apr 2023 21:42:45 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame E37D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=5sBOEUbIe4DMPFxdzKgn4-7vqfk4vHLzIT_STbIHMAyUhGZRFq08VCFGb020jt6wQcLfBlkgMvsYxte0-eUZiyK1I_XdQPw_VP0LH65MvsoKAmXXk1FqzwGlElD_c0MxmvVb9-bLg5tdgUklIiunD9E4OyqHBq44N1Jm_oC-tS5brMiD8095JFcbwIob68pfesE-zL2OoJozZDr-A-NtBuI6kHSl5Ie189L2PX9AIhwaFZrrsuo_kjD53fxd9OwSmMqLyFws0cAVZ3Xosj-DsaLjDiplYHLK_DlFtfNAA6qobPFaJ6fteqoBtTYwCza8qB_VMXW14DvI0__rs2ksxUg5RsCj5jaXP4c-5URWuVDpbDnjVLSlybGTUzyCfgbcfHDRPBS8gFuAW60JG_f1i0Hni5Quhgx_ls4_tczRREKu6U7_zbiMuobHEBsfTsJ57_9hvw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Apr 2022 21:42:44 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2933907
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
fc91354f0ebf4923b829904e1af0a332_image_ad_300x250.gif
static.criteo.net/design/dt/70777/220127/ Frame E37D 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/70777/220127/fc91354f0ebf4923b829904e1af0a332_image_ad_300x250.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4ddb98bef9732a8caf32acb37b5799bd27556ca0f2a26b9b6e17b6d0d77b66b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
last-modified
Thu, 27 Jan 2022 15:42:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61f2bd50-cc4b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
52299
expires
Tue, 11 Apr 2023 21:42:45 GMT
all
csm.eu.criteo.net/ Frame E37D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bCEuh3Dw8wNanMxe6kTwIJbhTFJmtnU06UPLJMTwUR4hfpJFluTJFB010WvQqjsJBYqayZ5Prn2_Dyw2rgQUs89HeAkT7HHMAvCFGOgUipqvVRvrN53ZfgWkSwucHmWmFJP1m1DWa1nS_KKrDGK9lPm6HF5-g-uZjLSEuOmodUSnMvoyFGL_GJ31VGvbehCVukpmqi4sy_9JT_pxoTukN2g_Pr_DuVjA3dbA7u9O4uklkKNjGt3-boCXXyeFwBxvbRpm3A&sds=2&rev=81123&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 16 Apr 2022 21:42:44 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E37D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:45 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E37D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yls4VQAEpikKd9SJAA3cQ6YNnVeZpMCZ_0D2sA&u=%7CSH9tkSzF%2F%2Bi%2BP7aKofN8H4mvSbqHEc8D61aeJEwsvfQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6UlrM2Sm-wdnYW2pWqilYekY4q6Pi1HBDcq5QXVpOJ6KftnF0qKAJ_CVQnz_G_xpspeiYTYf4ySGcGZfE3tAUaMAC8j6kwqVMQdDxlrOPm7fYBtUMIXk2H5gzueNNhSo5ytGuv9OJapd1W1aNr1Gl7a7YvmEMjHiDJGVk59XDvrq3DK63_lSavkDFWlm7_hUporCg3zUeRn468-4YiW-n6U6TzTK9U4qLD0jf8DRqobmf6wesqyNCYFdI2bG-RHwGhWkqqQlT6DG2wrwSYMIhEGIdjnCnLA7TyvGBoz-9HyGIjgljF60Jq4daMmsgKUEC6NV23IK16Ssjm1tpZvAxLPLmr4esRH4M36GITzD4tNAzDk1uJxynG2vxPaEYGKa5u0E_3UuoQC6yMgY91V2xcd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU7bWVThbYqnMEomp3wPDuLfgB8me0rFc1Z2R93DAjbcBEAEgAGCV4rCCuAeCARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMKAB1bbS6gPIAQmpAl_9NSf3JLI-4AIAqAMBqgSTAk_QHjpgfoOeKC4M6Jcv_d2Qkk8JTwHJhTgl-9Hh7HTDy2rxxHoCvP7FSW2gNBIwKBlIoivKYbDidSWzaGN9aqfYzBKB33Djhly5DKBWmaXDaU_RwhzLMl6VlK1UOvlBjjO03tglVI3GzWI3q4YPSnRKE1YcMP1vzi42xy7QomcgMAqmxrO_4SeqnwZULCtGIKFCgTkN4FWN4b36nm9oUrS9GBmm7oC0iVci_IWVf3Aw2u1pADi3jnkX3xBTZHDyZyghzEsGYMRlPvgCrmsUZv9K0HK0KmyXMvbAQJ6DB2DH5dt41dsAfQoNwTZObPTzqBoSv4c_OBiO-EbtvABeKTCbu2CCL79XXJZ5VGyRIkybzCCR4AQBgAaouKLmi5jsnPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAHyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FBSL1c3MIkDgnoNf8gbrxg2AJTg%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 21:42:45 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Apr 2023 21:42:45 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=1&f_privb=0&tid=660ec5b1-51de-462e-9515-909f8cb2d0fd&pid=cd9bc544-5d84-46ed-831e-e6bb2a5ee54d&dtm=1650145368322&qnm=_matherq&visible=1&tabid=391f2f40-a0a7-4877-8c89-504dfd0bf16c&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vp=1600x1200&ds=1600x11501&tofa=1650145358&vid=1&lvidt=1650145358&duid=777a22e8172a14b1&fp=2521163034&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY1MDE0NTM1NTI0NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNi4xbWIiLCJoZWFwVCI6IjIwLjVtYiIsImZzdFBhaW50IjoiMTM2NyIsImZldGNoUyI6IjIzMCIsImRvbWFpblMiOiIyMzIiLCJkb21haW5FIjoiMjMzIiwiY29ublMiOiIyMzMiLCJjb25uRSI6IjU2NSIsInNzbFMiOiIzNDMiLCJyZXF1UyI6IjU2NiIsInJlc3BTIjoiNzIwIiwicmVzcEUiOiI4NjYiLCJkb21Mb2FkIjoiNzI2IiwiZG9tSW50ZXIiOiIxOTU0IiwiZG9tTG9hZFMiOiIxOTU0IiwiZG9tTG9hZEUiOiIxOTg1IiwiZG9tQ21wbHQiOiI4NzcwIiwibG9hZFMiOiI4NzcwIiwibG9hZEUiOiI4Nzc0In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.36.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-36-29.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 16 Apr 2022 21:42:46 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57
Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESENRZM8LQQpwdghkp_6bBEl0&google_cver=1&google_push=AYg5qPKlDrKfOPzdyWHCASSL_VIQkPCIIKshL4YTHPCYpJf_n825REjhrOGoRnp34P3A-oVGbd_eXq8P983iNWzbTwG5kXXl6yxT

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| x00_0x1aa1 function| x00_0x1b93 function| x00_0x412c function| x00_0x409d object| _Scanner function| pbjsSetConfig function| getGTagAdSizes function| getGTagAdSizesWithLimit function| executeParallelAuctionAlongsidePrebid object| PublisherCommonId object| PWT object| pbjs object| googletag boolean| gptRan object| prebid_bidders number| PREBID_TIMEOUT object| bidSlots object| outOfPageSlots function| loadPrebidAndGPT object| apstag object| slot1 object| slot2 object| slot3 object| slot4 object| slot5 object| slot6 object| slot7 object| slot8 object| slot9 object| slot10 object| slot11 object| slot12 object| slot13 object| slot14 object| slot15 object| slot16 object| slot17 object| slot18 function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| GlobalAamNamespace function| aamsitecertifier object| _sf_async_config number| _sf_startpt object| jwDefaults object| webpackChunkjwplayer function| jwplayer function| createJWPlayer function| loadJSON function| shufflePlaylist function| updateJWPlayerThumbnail function| removeVideosOlderThan function| createModal function| openModal function| closeModal function| createJWPlayerVideoGallery function| populateGallery function| createJWPlayerAdbox function| createJWPlayerVideoGallery_homepage function| populateGallery_homepage function| createJWPlayerVideoGallery_dynamic function| populateGallery_dynamic object| Insticator object| _comscore function| fbq function| _fbq function| __handleUspapiMessage function| __uspapi object| str1 object| HSA_OBSERVE function| lozad object| _wpemojiSettings object| _cb_shared undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus string| player1_element string| playlist1 object| player1 function| labnolThumbDBN function| labnolIframeDBN boolean| apstagLOADED function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| labnolThumb_2 function| labnolIframe_2 function| udm_ object| ns_p object| COMSCORE object| _cbm object| Snowplow object| cswidgetoverR object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| joinNewsletter object| ggeac object| google_js_reporting_queue function| pbjsChunk function| isToSPPAccepted function| setToSPPCookie function| getTOSPPCookie function| createTOSPPCookie object| AdRefreshControl function| setHSACookie function| getHSACookie function| _ object| wp function| Popper object| bootstrap object| StyleFix object| PrefixFree object| _cbq object| apd_options object| atsScript object| twemoji number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized function| recruitologyAutoComplete function| InvalidInputHelper object| pSUPERFLY_mab object| pSUPERFLY boolean| headerTagInjected number| insticator_tg object| InsticatorXmess object| recaptcha object| closure_lm_929578 undefined| google_measure_js_timing object| outOfPageSlot11 object| outOfPageSlot12 object| outOfPageSlot7 object| outOfPageSlot8 object| outOfPageSlot9 object| outOfPageSlot10 object| outOfPageSlot1 object| outOfPageSlot2 object| outOfPageSlot3 object| outOfPageSlot4 object| outOfPageSlot5 object| outOfPageSlot6 boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| ats object| _mather object| _matherq object| tid object| csWidget string| gaName object| gAservice function| csWGa object| $jscomp object| InsticatorApp string| insticatorHeaderCodeVersion object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj boolean| insticatorIframeLoaded object| confiant object| fiUtils object| $FIslowSelectors object| $waitOn string| ahm_cs_gtm boolean| ahm_cs_loaded function| instBidChunk object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| __connect function| confiantDfpWrap object| ampInaboxIframes object| ampInaboxPendingMessages object| dataLayer object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| postscribe object| google_tag_manager_external object| google_tag_manager object| ahm_config function| ahmpbChunk object| ahmpb object| mnet number| x object| ahm_adParent object| ahm_friendDiv object| pubgroup_config object| GoogleGcLKhOms object| _clrm object| google_image_requests

67 Cookies

Domain/Path Name / Value
www.staradvertiser.com/ Name: _cb_ls
Value: 1
www.staradvertiser.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.staradvertiser.com/ Name: _ga
Value: GA1.2.2089291300.1650145357
.staradvertiser.com/ Name: _gid
Value: GA1.2.865691768.1650145357
.staradvertiser.com/ Name: _gat
Value: 1
.scorecardresearch.com/ Name: UID
Value: 14Ff7937e8c827cf0c76dc31650145355
.youtube.com/ Name: YSC
Value: tFXzjI3-fTQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: uBm1jbmzbwg
www.staradvertiser.com/ Name: _gada_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _gada_id.6fbe
Value: aa87004a-e197-4ea0-b644-2ce79374ce52.1650145357.1.1650145357.1650145357.843c8dfb-cc13-4755-a25b-06e542483e50
www.staradvertiser.com/ Name: privAu
Value: 0
.postrelease.com/ Name: opt_out
Value: 1
.staradvertiser.com/ Name: _fbp
Value: fb.1.1650145357409.930323907
.facebook.com/ Name: fr
Value: 0I6EPPKCJR3HVuGiN..BiWzhL...1.0.BiWzhL.
www.staradvertiser.com/ Name: _cb
Value: BMqucr19yW6Cqnniv
www.staradvertiser.com/ Name: _chartbeat2
Value: .1650145357549.1650145357549.1.B84gnIx0mX9QqmemB7f4veCd0jw9.1
www.staradvertiser.com/ Name: _cb_svref
Value: null
www.staradvertiser.com/ Name: ntvSession
Value: {"id":3200552,"placementID":1102376,"lastInteraction":1650145357946,"sessionStart":1650145357946,"sessionEndDate":1650153600000,"trackUserSessionTime":true,"experiment":""}
.staradvertiser.com/ Name: _ml_ses
Value: *
.staradvertiser.com/ Name: InstiSession
Value: eyJpZCI6IjU3YWIxYzgxLWQyZTctNDMyZi04NDFlLWU1MmJjNDhkZjhkMiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
cdn.firstimpression.io/ Name: OAID
Value: GDPR
www.staradvertiser.com/ Name: _lr_geo_location
Value: DE
www.staradvertiser.com/ Name: _ga
Value: GA1.1.2089291300.1650145357
www.staradvertiser.com/ Name: _gid
Value: GA1.1.865691768.1650145357
www.staradvertiser.com/ Name: emailhashes
Value: []
www.staradvertiser.com/ Name: heCooldown
Value: 1
www.staradvertiser.com/ Name: _gat_csWidget
Value: 1
www.staradvertiser.com/ Name: _lr_retry_request
Value: true
www.staradvertiser.com/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: 28b8e28a-0a8a-42a6-ac97-fab13381247b
.staradvertiser.com/ Name: panoramaId_expiry
Value: 1650231757582
.rubiconproject.com/ Name: khaos
Value: L22DXV6O-1I-5ZOT
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpqk+xs4sTSUGWQ0NNjmqbPd94gXYLevqKsAHTXr+Vc7rmSonPnOWzjp+DLfj4MxeV95czRGi5AxQdqCkcJ2brUifSQQ4ZUv80ZLwUt9PGpAg==
.doubleclick.net/ Name: IDE
Value: AHWqTUnNXGDOd4FgVu_RV0q-O8zkL1_SyExaZiRGyVYi40yYOXCCyeuAZunxj4wHf80
www.staradvertiser.com/ Name: _sp_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _sp_id.6fbe
Value: 7b5a167f-7ba1-4e5a-bff1-2a7288fdc416.1650145360.1.1650145360.1650145360.469e6768-6262-47dc-b544-8a2b67db884c
.unsplash.com/ Name: ugid
Value: 633126e89f64509f7236995eae2d2cc75500484
.staradvertiser.com/ Name: __gads
Value: ID=93812bf541706c75:T=1650145357:S=ALNI_MaOvyKbSukggtOb6fpZwRMq1FKr6A
tradehouse.advertserve.com/ Name: AVPUID
Value: 21213d3dea4ff2384b2b9489f7c2b495
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1651276800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 08E1500B-5C1B-46AA-9FD1-4C2AB8C525C2
.staradvertiser.com/ Name: _pubcid
Value: 034b8ce2-6280-433d-8e92-e9d2f99fc5b7
www.staradvertiser.com/ Name: cto_bidid
Value: m8k5oV9RWTdaR01BalR0cVdUU3E0Sk84YUVGJTJCQWRIaldzT1dBNng1RGtJWnJmJTJGWjI3T2NTa1I4eXRtMyUyRnIlMkI4VGhheHZTZUFaT09WclNjRmdLMlBxS2ZWSEZRJTNEJTNE
www.staradvertiser.com/ Name: cto_bundle
Value: r-i7OV9EYTJGZndZdVo2VklTcldhR3VwbkVWWU01NyUyRmhWanM2b3VCNUhFWE84S0wlMkJ6d2tPNko1d1htWDNreVVWRmJSd3B1N21YZDJKJTJGN2dPakFtd3VrQ0RpWm0yMVprMHBsV2xUcW5PMjhKekVjcGtQN1l6MnlzVXRhdmtUWUJyJTJCbjlT
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pi
Value: 160074:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D7098B49-4C66-4CD9-BF53-4A195CF1923E%22%7D
.de17a.com/ Name: guid2
Value: 1.7293699345942016029
.360yield.com/ Name: tuuid
Value: 08705670-f410-44b9-87a5-2a4253f591a2
.360yield.com/ Name: tuuid_lu
Value: 1650145362
.turn.com/ Name: uid
Value: 4563442548489683917
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yls4UgAI9Z0-wwA-
.mathtag.com/ Name: uuid
Value: e9b0625b-3853-4300-87bc-ca3627e30fa9
.mathtag.com/ Name: mt_mop
Value: 4:1650145363
.tribalfusion.com/ Name: ANON_ID
Value: aensIHu4YUcmqcn63g8VWdGEjGUghaZbjeb7OJVT5wQlT1mUTHs0Ve8BMwIsBAhPd3Za8SXuPqaFyrntvVvOgrGoFi
.go.sonobi.com/ Name: HAPLB5A
Value: s5610|Yls4V
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY1MDE0NTM2M3ZsZWExZGUyMDIyMDQxNjIzNDI0MzY3MjIyMTk3Njc5WDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZDNiZ0ZwZjE0VUI2UUM3SHJIQXRFdDk5N2Y4VFdUUmVhZG9uZWlkX19hc3VpZGRRaWEtMkY2SmFZNFdpOENXazltSlc4NkZoNzN2c3N3YXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022041623424367222197679X117679V1226132702MSoneid3bgFpf14UB6QC7HrHAtEt997f8TWTReadoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY1MDE0NTM2M3ZsZWExZGUyMDIyMDQxNjIzNDI0MzY3MjIyMTk3Njc5WDExNzY3OVYxMjI2MTMyNzAyT
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY1MDE0NTM2M3ZsZWExZGUyMDIyMDQxNjIzNDI0MzY3MjIyMTk3NjczWDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZHo0cEZSZkVZYXE4cFlTcEhCSE10cXR6enBhSlR3VHJrU1dvbmVpZF9fYXN1aWRkUWlhLTJGNkphWTRXaThDV2s5bUpXODZGaDczdnNzd2FzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTc2NjM
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022041623424367222197673X117663V1225131106MSoneidz4pFRfEYaq8pYSpHBHMtqtzzpaJTwTrkSWoneid__asuiddQia-2F6JaY4Wi8CWk9mJW86Fh73vsswasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
www.staradvertiser.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2228b8e28a-0a8a-42a6-ac97-fab13381247b%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-16T21%3A42%3A43%22%7D
.staradvertiser.com/ Name: _ml_id
Value: 777a22e8172a14b1.1650145358.1.1650145368.1650145358

11 Console Messages

Source Level URL
Text
javascript error URL: https://www.staradvertiser.com/(Line 4678)
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1273
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_21970536&pid=0&fr=400&frlm=1&random=21970536&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssGVsMmJxNQf-EOyWajvoCOPUwX_T096jhe1FbEFi8cyyU4fyD2U62SJEgu0nO1sR1E9oNpA1-FxK6doL0hFXWWnbR58-aOltFU1WLCqq8x2w9td57G6okHGkr3_qY8p1lwXiqKjXJofYngVa7-3PisoKnQG_hXrGZOT8ycXEEnYx0QzMtOq176HcCC0Jh3iK_MPzlP50NWSTLywuSnUaDdzt6zm9qukoyhIQNwBKFQyUz1_K8DK0XOQTeP59J69uXkj_Stgtye00jXG-0W1sNXeW--MP_vf8nBYn7BEN8TOWeJJXUcfDWjIVtLE1sR8iFiKQ&sai=AMfl-YQSyOAT_3dm5_USLRgSC6vNDfPqSHP7rQbV348PquFkLBmDAiQ-VAkqRgnUsCE35hmGjFUUdX_qohNVuOuVVWSNF8c5tJGvuIN5BVLgXA&sig=Cg0ArKJSzPr1uQdbI1xgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKVhXZxQg44H8V0OdDWhxSqoH_YOGfpEfWg9QnnTW-klZ0Bo74ueBgfqgcaGhxPRgVwuEa54fnIL6zm3ikB3p1iccubiVs
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CHBWcPQQRLmHpSpCU_WRog&google_push=AYg5qPLzyLNSDP2Z40dtY0N9EflCt5A_o9AlFNlH7jz2GOj0Fj9k_vPY9GK4l-_jQ5EVEYnsungAPgrcH0VPg01Zc3CuTgeYacE
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d9b9521d1c417f4fc6e253f5995dbbc.safeframe.googlesyndication.com
73a9f1a8ff892cf71a0dc27b03637304.safeframe.googlesyndication.com
7eee850b4317c8ff8f0c4613a408048d.safeframe.googlesyndication.com
a.tribalfusion.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
americanhometownmedia.com
analytics.webgains.io
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets-jpcust.jwpsrv.com
assets.ad4m.at
ats.rlcdn.com
auth.instiengage.com
b2c.insticator.com
bidder.criteo.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.cityspark.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.materialdesignicons.com
cdn.polyfill.io
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
content.jwplatform.com
cs.media.net
csm.eu.criteo.net
csp.azureedge.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dining.staradvertiser.com
ecdn.analysis.fi
ecdn.firstimpression.io
event.insticator.com
fastlane.rubiconproject.com
firstimpression-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gum.criteo.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
hawaiirenovation.staradvertiser.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.unsplash.com
jadserve.postrelease.com
jnn-pa.googleapis.com
js.matheranalytics.com
mab.chartbeat.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
onetag-geo.s-onetag.com
origami.secure.ownlocal.com
p.cityspark.com
p.typekit.net
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
ping.chartbeat.net
pix.eu.criteo.net
polyfill.io
prd.jwpltx.com
prod-rtb.ad4mat.net
protected-by.clarium.io
r.turn.com
recruitology-static.s3.amazonaws.com
rsms.me
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sa-media.s3.amazonaws.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
snowplow.ownlocal.com
ssl.p.jwpcdn.com
staradvertiser-hi.newsmemory.com
static-de.ad4mat.net
static.chartbeat.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
tag.1rx.io
tpc.googlesyndication.com
track.webgains.com
tradehouse.advertserve.com
unpkg.com
us-central1-kube-ownlocal.cloudfunctions.net
use.fontawesome.com
use.typekit.net
widgets.outbrain.com
widgets.recruitology.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.lead-alliance.net
www.staradvertiser.com
www.telefonica-partner.de
www.youtube.com
yt3.ggpht.com
c.amazon-adsystem.com
cm.g.doubleclick.net
google2waycm.netmng.com
static.criteo.net
widgets.recruitology.com
104.89.31.187
107.178.250.234
108.157.4.74
108.157.4.91
13.226.132.97
13.32.99.23
142.250.185.194
142.250.185.98
143.204.202.116
143.204.202.12
143.204.98.65
151.101.65.194
151.101.66.49
172.255.62.202
178.162.133.150
178.250.0.139
178.250.2.129
178.250.2.131
178.250.2.146
178.250.2.148
178.250.2.150
18.207.20.6
18.66.242.20
18.66.248.111
185.33.220.100
185.59.220.193
185.64.190.78
185.64.190.79
185.64.190.80
20.60.81.107
2001:4860:4802:36::36
2001:678:cb4:bbbb::11
204.237.133.116
213.155.156.168
213.19.147.42
216.200.232.253
216.52.2.39
216.58.212.134
23.32.59.34
23.35.228.23
23.35.236.201
23.35.237.64
23.35.237.86
2600:1901:0:76b9::
2600:9000:2057:f200:10:3422:3f00:21
2600:9000:2156:8c00:1:a3fa:7cc0:93a1
2600:9000:2156:8e00:18:1fcd:34f:cdc1
2600:9000:224a:5000:14:c3e7:6780:93a1
2600:9000:224a:f400:13:a391:88c0:21
2600:9000:2260:e200:1:a3fa:7cc0:93a1
2600:9000:2315:6800:9:78a:e540:93a1
2600:9000:2491:3600:1c:386f:ec80:21
2602:803:c003:200::21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:3030::6815:251b
2606:4700:3037::6815:8fa
2606:4700:4400::6812:230b
2606:4700::6810:5714
2606:4700::6810:7eaf
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:808::2010
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2006
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a00:1450:401b:800::2002
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:26f0:3500:7::17d8:4dca
2a02:26f0:64::210:6bc1
2a02:26f0:f7::5c7b:e01c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:3::720
2a04:4e42:400::282
2a04:4e42:600::626
2a04:4e42:600::714
2a04:4e42:e00::282
2a06:98c1:3120::7
3.121.204.40
3.123.114.98
34.120.133.55
34.120.58.62
34.196.36.29
34.68.132.100
34.96.77.232
34.98.64.218
35.184.218.133
35.186.253.211
35.190.0.66
35.244.184.131
35.71.131.137
46.105.202.126
46.236.13.147
50.16.121.35
51.89.21.5
52.1.176.199
52.160.40.218
52.204.11.137
52.217.87.156
52.28.203.152
52.88.84.193
54.154.13.151
54.183.116.163
54.210.75.204
54.214.32.184
54.76.212.160
65.9.66.173
78.46.85.162
84.200.5.215
99.86.7.126
99.86.7.88
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76
018a6ba81f499f8c19ed8bf09b3f6fbe80ba35248a1fa3b1f92328d4533fb6bf
0194dc312854a0f4ddc77818b38a1f0f7b430f6ad82bad206d980c1b30029d90
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0345ed2ecfc4d7ee8220036ae308b161cfe20c0d7b54a259019fffd93a9c75c8
039e0dd4ee526801e912794e3ed8cb70dc2539b3d567fae2f059a69ea226eefe
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
04747005bea66573295b4f30b3ac94c148a18a65e077122a43f2ae70b325e270
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1
05a7ed107baa434bf854403602197874b7ea5c72052c23bae91be43c350396e7
061983029ccfda624e44d49a0cddb5b83ce086e181f87a9047d26c43aa7450cc
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d2a3dbfcefdb9d4a7b9bc3db0dc8114ea3466bb9ba8b77376b44704b358494
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08bd677e497cbe3fc879bc6d37e2b73424890d338beb07e0f4bcdd85f1907342
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62
0af1997a20e09d2f7e5e31e60ec1e45db7a9108cd0cb334e709b594ef980bc6c
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c269a4b6f25843c02270e1f1661fe75b85ddeb2f84c4b85b0e16dae174acc05
0d7833196894b879b5e83c479db940de5f0633ec37b73e6bc075773ecdd3d3d9
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c
0e6522c88098efaa5e6fb72f191724df307f8c73bb66bdf7be0cabcd585c1dd9
0f4ea85fb3bfb6f7b1f3e703ebd4dc4a5205ec59f2dadda76cc70d3e2729736c
10302c90ed3abe1d93f18992147e65e2b314d8382f3ce014d8722a7ec8c036fb
107e43171fa586f75487c945e508a60a851cba9528990a11c9c4174009b83ac8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
15d8c620c462a0ca4ebed3dd15aad7d65aefb6f69e026d4751e777552eed042f
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dcf3ac62434f23cfcec4f963a3c3c75f7f8b2ff6f061dfac19c8822e2d2ad25
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e71f36640e275fc5241971fbd6db225d5fc81f60bdac11335335f7385173b67
20fca50a002cfb4fdf32fc356fc590474a5913ed14353a9cccb0358d45ba61b5
2134c475d6915ec706aa8aec9b78d83297cfaefbf42c70ed818766168f7c73dd
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2144f492651e42e0a4622e154074689b77e41d8508a185c17b2d180183a8aa7d
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370
25b385300a48db362249ddfe5235c5336b88a0f8181089c46c71f08bc631806c
26e859295e244acf647c63cc31a0eed7527f062a3cda5b1973e5e275d1f71dfe
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41
285ba0faf37195c99cf20e24e587c3fb58d083e80df6870cd0903df85e48b495
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c629f3b623d16fb8a2a2b8867293e50798faf2032da7c75d3570eb684dcb9cf
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f5b172a35ae6a4ec4d980b99ebdf699c4b9f00fece2b0473f7b81e6cc05d98d
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
3158f95b2c7af6dbf14bb10285c9c1049eeba6cb37a50340a185c4cbd1204385
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
321419526dac7fa679d32db98b8a838479556325f5e2abb10707f065ca3081d4
335153e47a75d27f91a735b8e0ac38cbe09ed489483801b50a78f0a3beecabed
338be05f56a3a16bc3d0f3027460cbcccbe587b4d054a2c78fe080d3c8c13a58
33c002e144d2f01a2b5ed89a40dca710f0ac4d04fe7e3ca0ccfedf93e4adbb63
357ddd40fc3953bcbacdd5c891db4724daaf159e9a0d57b63e140cc6fc920160
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ee31f962e951741ba0010cd12e156c417c8b53f9506ae63afb5e93d13744bc
37b3b241e9da8db2774684542b00708c1ce381dacf56a3b41ff150c76b98497a
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3a20b0a28acbaafc252c351568cea2945799c82eda5e954787a5b39d7dbdd4aa
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c0d71a3d0613b64d56e7d4a14fc86a75aa85308a82122ea80bda1fa29022be2
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e51ee69dd9c30198ed79a8b728c45a6a964c1e6f57fe515afc58e295b878390
3eabdad7e320bac8a77e4e7cdeeb55a9f20ffe39197f3f7362f26dbcff168f89
3fbf983539e9ad5c26bb42d802b6a582eec8af6498a6e85dfd8e9c4ebe113176
405b064828676a3169ad7b2477629478e200849f1d0e5663ffc4f183a6d6001c
41169f49898863a390828b2c3d121568952aac2bf27bf12af27012538ef13f45
4142472f067309c66c13203d1c9f47d60a7d91753f58c38c92fb5f082ee24fa2
419e764f9ea4545af6ff436304d2b73f965e7d5883cade5ee3519d0e8d64fc25
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d
4382d43b9490d117e0dc239d2c97c80f0a58a68cefc107281d10cfea4c967b72
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34
460c11c62d12a25d5a0c6d967bb71d2177cff4a9a8024540db39a1782b1fb829
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49413cc48f78b34219e4dc39751ee2ca656a37c02cd4772a52a7d3bb1df4e81f
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
49873f65401798fbd7a889c24036467ccd8669c32ff1eb5ac40458277de622b6
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a1e461db7b0618f2e0cd269c9b24e10c0f8637f08039741e1855628ce1bee56
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a
4bf18e1ebd8c67514bc2be935fd634c3d51a2ac8aeb63bebca1511840c1ecd43
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4dab582b3815ee8db6e755ce2664564977a02b443401c36de65033c6779808ff
4ddb98bef9732a8caf32acb37b5799bd27556ca0f2a26b9b6e17b6d0d77b66b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e433559fd43eb30dbc17d639eb7686547d3e7f19b78b349ad8c5fb31fe5b53d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9
503fd176219571ce3065115441d7eda150638a70ccf4a510c64588a207ee2279
504a6d83076b4ab86e5b24c472ebec946c46ea1f4b5575a314d7b46d404f0af3
51ee895958f8cdaf9c972b1cbaa12dfd82c718d1d49ff0d67aa33b16a9b1d252
524cdd44fe975bed617fc400745293b1d4fb0b39350fbbcc1a5e6ec5dfe10dc5
528b92d15890f91b9c9a71c7721881bd47cfaac3656447005ef3f012507cbd08
52992adaeb6b6780d8b514544418661d12d97d58c62127608de7f431c10aee19
53a2c7f03de874b71be1114f550160dd82f1579bf41d351c7539ff81ddaaf3f9
53d9315ad819dbec6c644cdc7198c5e19bf01e8a5a5e90be0796cfc3b0ee57ca
541cc61733a38965defcc7ebc4255b9523685535b9986c9342de55fb7754025b
54f8524170a062a6c2bbab43bef02e5ec57496a97ee83efdaa44fab2990ba7eb
556ce1343a0e27d3aa7cffc8b7c8ba6112a462866ef9ae94a93eca803676717d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f060786cba3bdedd138710eae2c771b44924e62cdedd9f79d65af8fa5049e7
574f915470372a47ebafae1ffe05a57f125a575ad589b5bc2f9a282ffd03de26
58424e2c63e228d3358ea0dc784018d626d9854366a9e89c292fda33ad15b237
58673cd08a66c704c471054d9eafe0f32288dfd8baa0f3b0ca968aed77b0f016
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c31cd4ce31ecb87cb9c7d59a5c65985870ec36446b9b433dd8b1c1ee4efd9b6
5d725677bd5195e0d548c51683dc017e117c4c396f6cecd329c079d80a8734d3
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e48ed642d90136a7944773eeb5f62fef67e2874f87376d380a3d91d35a9b4ca
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f947955bcf86317234aa605c441e78749019b4c1d7c9ae402a81381462fcaae
607621318571f4c48784c196784133fb7ea6db9c1ad3fb28deac95d17d91883f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653d4cf53d4120f3778cbb4f58011c7c7d0dc54985a0fd7dc1b9f06c2417f69d
6794713d596111269c8f8fe73a576727472a68a4db0fdee82db66e8af995a96d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695653c47c039eca0959a93f7bfac47d11452af6f95e4a850dec8b1863a18f17
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
69fac801b387ed7cacf011fd6b5bcf210a8179bbf4abbce1553d127ef4249861
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfcd364b527a8c6adbdca911f3499783a6db73e10c5b7c44d414add1b889289
6e04445baceefe3f6bac0d4b371255540a174c1f4d81211e17c90d322df96b02
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8
6f2c6bbb2c6ab4b0501c65ac2118b8de1d5ba43d3fdfdcbeeed99e6a5a12f780
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
70cb3941a36929cbffbacadc6a313051fc65474cc7bc1ccc91156c5e6ae185c4
72ebdf933f58e4d763ca91b8b9e05c09745f7a86ec52f7af46cc42498e0311fc
72fc76a489952ea8ad70eb417fc0803fbea5ce5af036ac979d45dcb3ef3dd849
73cddacb83514c983884c3ee8ac4e43390449e1d0c3d8044983556bdccd658fc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
759ab653bc62aa00074c5006eee8b3f9f5bbb16183822c1ead4888c0265c82b3
777a9a14ed6810e65a978e54dffce150d41237cb42b645580fd45d324194c39c
77f378bc163a45dc3f65af85346244c0d0030d7532722ee4e7818a8ba7c422c6
79550b2162568ec7a582e6aeefac1cc28f04d1745ba220c265680ebd1e1e67a2
796d881d16a8d12aa32e951fd668a3a38eee975907d801a9c0fac75cf1febc10
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a530176df4dcd814157997ed1a82d6e645043a4dab571034cf5600b4ddccdd4
7b99156a25ed2ba93d8fe9c37cb499b2b44b6f2ac57be2c3bd3add651b995e50
7c7ef0a2aecd032ddaf97323b10bd1b4ba42c6d367ab1be26a0287354d445e49
7cb4b91714c9ed8f644ab9e033a9516c9423ff5ce44f5727780c5e5b5de2dd1c
7e53cbfa412f326c0996e6044f8b531c81d71f4ffc5b136ae162bafda1290709
7f7a2eff204787d41e37ca51909b80cbab14e7de622a15dae5b0c568b84d6335
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
8487d41ca17d8093c38d0a4adab49502135b06bc26968ce786b5a1f59ee7cbd6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852c18a952e82ecf45bc9dcf2e595982ce80fe09641518f2a1e574835279bfd8
8667745a535706a55615dc0710779cd8eeb157cd5bae8f8d470b589409c032ec
86e1c71210a431c4da26faf351b0bf924895d627aebaa68da0e096ba6df2fbb4
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87594a84d607a02144146537733bf9e21c512577b04c18294901e43ef7e77b42
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
895d3bc146a7f651363468ea05d05f5b9a8ef2149601cbb5f8145e4072bc07cf
8994b54cee931abc74f31e59173d788f51288f68cd197864d9ba90d02da311f6
8a67d8b1be1469e2cb3009f299cffc29ab1aca247cfa9d4ecb57402c82091175
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af995fb113b245281b143a1a8522e22decd26f394b2e6688825e057cb3f47fa
8c1d45253ad5a881d43a70abc42d9937084c0ed13ba962ed63da4b255c78e316
8ceb1389b4b75a583ec1c2d47b1dfacfb2e45ee4f3c87c450be33c26b89d4c81
8cf368d3fbf5245e5a8f771e7df972c0e076a0a55cb52ebaa2deeb4c852ee559
8d0123b56b3c7c0139f606b7a0a893e2fd8507b01f599b4b35c5b25815028141
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ec9ef970365aa411100cb557249ba0e53b19467584a913ad5dd4818d08b96d4
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
922f3471c635c696de732da18714c1f54e6def0d1c6c8179adb3c5993e3f8695
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
95172f8b627381eb371cfe383c7d06a5613a7800e121144b991b6f59fd324191
9634c0f74e9ae93ba8902d8c43d251b628dc6577b86ff6b9e265cedd3517f28c
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
97ac8fa78bfe04aeaddccc6de559b0d914f1d79600a262b2c0a80e82265b8b5f
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
9877f1bcdef2a8242574907bf67bdb73dcc74b537ed54ee439a89efcce63534e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba86aff81024b35b285cc52b66be13441a0ed20cdec37f2c7d3af507681a6a2
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9d524ecad3a98026261988a75e14236839cecd1f1cb56453bcfce0668676fe92
9dd71fde8b68b24a62896f4b71ba69657a248ce16383482f23f3640abfcad8bb
a008d5a4fea7f3a1e7dddd233a652e98807c595faf41fd60958b3151188ab060
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a479479c821792cb373e425a42071bca2119fcb108a8bdc23718b24a4ebb6f4c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5040fd5605d96f706a060ed1ef3fd7646b4d0f358aedb2266b11f79dfdbadf5
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a539dd9b2a5bf0164ca4af0ff06491912edfd76c3c41681fc61da6c45283c5c0
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a6863f6f2714b072421d8d4561d6bc4698b295983bb69cbe450412946a183f46
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a
aa22f02b904df277a53b83bc1966728c9857fb417d4d8bba3e5efcd3b8a84006
aa6638fd6b14135367c46826b3dfea605fa7da5cca33ad8c2429456508826bc9
abe3da6e2f2f933ca7b608f0148186cc49d7ef35a7a9319d316af489b98fd0f0
ac03139c9a76863f84e67d3ec0b8bf2379d66ec51230c6726cb9510d077bae32
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f
acf081d72afefbf443516e182ee644e04662e17c9381123ccaf60ef8db66f425
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
ae560147811e1c76b5061cffd724cb6a148e633f4e23c601a98949f4b28dc770
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afbb0b0469da4b0016476de18cad1eec612610fe81d12d7f5704e9c7c3a0cb7c
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
b24c7666c615c18b50d90003a99ea5f295ba8f4c13af27f24a8bc105c7a99105
b26cc68208ad64a9f0ab116e2114198f21611c3d70b164a03a2a8ce00fcd8c38
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
b3d53486bf39167c16013662da7df8f9f1a0b10b4d6238cf611f5f44f676254c
b4a8ee5d885e23ad8dadb3703e5ca5be5c893fa06507b7d2a3ccca007af070d3
b6a1cb7af8a626339a45d22b7a0bdc6e5e6570aff1e8313680e49fcdc21dd574
b6ae3f006999b1d146337f1c75859d0a40399f09eda1c260f7d47930c3b4dc04
b818c83cb699a992c6ed8b6946c577dd312fcadf5f5533a0e19c77c17932d04b
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31
bba2c26504fb78a647b11f2899658f903be695b28af45512c2d0a8ee205d86be
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bcb8040a38eb5f6cfc9b625c2b0f2045e4636b5c1f8ba39ffdb4f0f2ebed6046
bce1043a90649b2b48f68d0480d338349f9c5548ae5cee6f110abf10acff945f
bcf659710071e7b9fc2e9687ccac9e53a69c63068acbce0013c9ffe351a05026
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c3d49a531d16798ac46a461df7bb96259d846bdca131321b68866af9152c9e75
c5c7080e57de1a64510b3df64dc038d8a969431f5e72710e532d0fdd748b8c64
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9
c7499cc0a4079d0d9aa9910c5f8fbedcb21abbc4688bd104ad91894ffddda16a
c788f90bf0689090c6c21afdb9ed6b79c26ac4b0de79ed4f1daf2df727981538
c7d3b06695597052a85cd5b46e5e6ec38831dbb1ce9d6eb42a9858513321606b
c8bb36b8b214b54eecb5688cacd28254c8d1fbed289333c0f7e76002aa2c17a6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cabbba11d9e2450476d8e56e0edb454bb764feebb402d5376df72859ab8a9a43
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb1650360441fa7498a4a668b992636eeacb97b83be18fa20ec2b1ae27871f6b
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5
cc3e93836a22a8cf809b29928623d540c5847381492a58727f0cb863889cf0c3
cca9f6b040a38d600fa5515876e9cc2185da96ba16e2a7d15ce7eaa59b16cce4
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
ce295ecb7bec5b1f5ff5095f5d37cea6f2cd1bf5cf2c579b9f48faae6a840e35
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf28d4f0589f80181977ac327a3e616abfcf74aaaa560e5bd39d818c344d6a99
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa7a03558006522a62cff68598a23b5df942a302f5d562ea8a1757465314e40
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0
d239ff9aecb533ad3f50e56353e376b3c2b1df23708726365292282bfebec2c7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d55df5fc0e03548dff792836d8efebc013f67a664991951bf7a6d45b28036786
d5afb2be052d86924359204e0150dbb7f26392deda50851a104608ad667865ce
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8039f12fcbafa84db3de9a264922b585f5edf1280e958cdf5f0f227657aa482
d85e7a9efc0ca2e08b8c657bdf56d98ae41a63bf5d7bc786bfdf773ad1541850
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d9186bc00b3e3fa7bfadc0d7332d62f8243ca9fbc60fcc868f64e0a345bc779c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da8be1026d06a35f9fc60abef3e6e951d436aefbfc6e94487a1fc86337c30e42
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5
deb4323f079912a5283042639953033bb16d509a0c6aeac9d8e5ada00e8d15df
deeba1f14bea343d707fd5725a9dbcd7a9fe2d310f6361a95e24a90bb4d7665a
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfeeb5cf9c0221af7dd87c0a6396e8645f3a73679c47aef976a735c429a0d8f2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74
e137c4d36b26b9ddc8867f69979c60f1b854318c0cd21ac9ad1361410997440f
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
e2460d1c659188d930048130b5f4801a3502602ce91ec005a44514a6cc4b5f12
e3a9cf322cb19945de4c50329a80acd3a1b06dce6ab8bc822d01de0dc76584ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
e9e466cca00436a8a6243c7c991fa4bf1522345b51e477b76a2146ccbe6aceb4
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9
ea7c517a779bac4568cd357ffa1237072d8a58020446b627c9daaf2db4791a42
ed3a0b2b95507edaf7bfa6652d0e441c1ad5e9625836fd897f13c3c439525839
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee748afbc8c3c439eccc4592e71ec54c04594fd50a3ed67316b509ab631b6f00
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef337d2e2e8fc907c4186a1c6a25aeb62d78a59060bdfb7638b5ea07f5c4b4fd
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97
f021ff3fde1c3d423b9c5c13ede530bfad5ce884a4e27684df50942fc28132b5
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f101acf539b2a1972b876080ed8642b8f57bf9f83fca48e6621474df1a7374f5
f1271a86d6ea47ee59ce088a27e45eba9fe5ebac4fa2cc0fe5217aa36d82229b
f2aba27accf7f080e7ae4cd31a180c51ca7b3937d1db6096f7c640ca2dc94d57
f2eeb0239e68e7302025b6809245ea71b113f928706809579ad4ccf2dc75a2a8
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f56f9a5f89b86e6c6630e625175b4baddacde8bc050edee50cea4e4a234debfd
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f66465da73bd50e9ead702e0fc63ef50f5e0e665214d2b196ea50b8f077718e5
f69b20025bce19118dc32040133cbdfaaa31b4ec09d91ca885e8fc46d9f4b36d
f6c85119d3e1dce2ed1e03b27631e7aefba4c13731ef709833582051e1780238
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f94c0cf4ee6b520a79f91ad3deca4efe2c83ec5f82bcc40f4d53179ff9d7e0eb
f9f19f8b1e59b8950e55cce8fe48d445d6220c1282467d6cf12c2e644833fa65
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
f9fbeaf40d2ffc26488be92110e35c3714a07273c7bc4d79f54c22017254991a
fa16bceeeef3f7826655058b508207aa91e3211c598e39a4127cad70c5b39c9e
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fb5c5f99f61d82d72699f9c6585bdd11d608376529f2b7eb24bc8e8a77121b3e
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fcfb4692c426d014569ccc2ce2fa4b0be34ae4b3f4e2fe387ddf70b4accc8710
fe1a5473e791b4aaed27438fa858042b0b36559825eed55d71a201dceb4dafec