urlscan.io logo urlscan.io
SecurityTrails logo

www.staradvertiser.com Open in urlscan Pro
34.68.132.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://staradvertiser.com/
Effective URL: https://www.staradvertiser.com/
Submission: On April 29 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 131 IPs in 9 countries across 91 domains to perform 848 HTTP transactions. The main IP is 34.68.132.100, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.staradvertiser.com. The Cisco Umbrella rank of the primary domain is 120362.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2022. Valid for: a year.
This is the only time www.staradvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 80 34.68.132.100 396982 (GOOGLE-CL...)
19 2600:9000:215... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
8 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
1 2a04:4e42::282 54113 (FASTLY)
15 2a00:1450:400... 15169 (GOOGLE)
1 54.221.248.213 14618 (AMAZON-AES)
6 52.216.147.3 16509 (AMAZON-02)
13 34.96.77.232 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
3 143.204.98.116 16509 (AMAZON-02)
2 35.184.218.133 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
2 8 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
20 2606:4700:303... 13335 (CLOUDFLAR...)
4 23.35.236.201 16625 (AKAMAI-AS)
20 143.204.95.188 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 143.204.214.81 16509 (AMAZON-02)
1 3 13.32.121.72 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
11 2a00:1450:400... 15169 (GOOGLE)
10 2a04:4e42::626 54113 (FASTLY)
5 6 2600:9000:215... 16509 (AMAZON-02)
1 2a04:4e42::714 54113 (FASTLY)
4 3.213.231.202 14618 (AMAZON-AES)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
1 143.204.201.103 16509 (AMAZON-02)
14 143.204.98.71 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
61 142.250.184.226 15169 (GOOGLE)
3 6 2a02:2638:1::13 44788 (ASN-CRITE...)
6 178.250.2.146 44788 (ASN-CRITE...)
15 2a00:1450:400... 15169 (GOOGLE)
1 52.160.40.218 8075 (MICROSOFT...)
1 52.206.107.56 14618 (AMAZON-AES)
2 35.244.184.131 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:214... 16509 (AMAZON-02)
13 52.3.110.18 14618 (AMAZON-AES)
7 2600:9000:206... 16509 (AMAZON-02)
1 52.88.84.193 16509 (AMAZON-02)
1 15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 89.187.169.3 60068 (CDN77 ^_^)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.70 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
1 143.204.98.54 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
2 34.196.36.29 14618 (AMAZON-AES)
3 2a03:2880:f12... 32934 (FACEBOOK)
2 185.64.189.112 62713 (AS-PUBMATIC)
5 52.204.11.137 14618 (AMAZON-AES)
1 52.203.237.243 14618 (AMAZON-AES)
3 2600:9000:215... 16509 (AMAZON-02)
12 151.101.193.194 54113 (FASTLY)
3 143.204.98.127 16509 (AMAZON-02)
3 54.78.253.158 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
3 23.206.210.112 16625 (AKAMAI-AS)
3 46.105.202.126 16276 (OVH)
1 143.204.98.122 16509 (AMAZON-02)
1 143.204.98.101 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
4 2a04:4e42:1b:... 54113 (FASTLY)
4 54.36.109.46 16276 (OVH)
1 52.213.127.205 16509 (AMAZON-02)
3 3.33.220.150 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 35.244.159.8 15169 (GOOGLE)
2 23.32.59.34 16625 (AKAMAI-AS)
1 178.250.2.131 44788 (ASN-CRITE...)
2 72.251.249.14 29791 (VOXEL-DOT...)
1 5 37.252.172.36 29990 (ASN-APPNEX)
1 18.196.16.227 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 213.19.147.42 26120 (RHYTHMONE)
20 20.60.81.107 8075 (MICROSOFT...)
4 2600:9000:215... 16509 (AMAZON-02)
67 2a00:1450:400... 15169 (GOOGLE)
2 3.20.170.211 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.255.62.202 36483 (GOSSAMERT...)
47 2a00:1450:400... 15169 (GOOGLE)
3 3.123.114.98 16509 (AMAZON-02)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
8 22 142.250.186.130 15169 (GOOGLE)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
4 2a02:2638:1::2 44788 (ASN-CRITE...)
4 2a02:2638:1::4 44788 (ASN-CRITE...)
26 2a00:1450:400... 15169 (GOOGLE)
10 216.58.212.130 15169 (GOOGLE)
2 4 23.35.236.247 16625 (AKAMAI-AS)
27 2a02:2638:1::3 44788 (ASN-CRITE...)
4 178.250.2.148 44788 (ASN-CRITE...)
1 34.120.58.62 15169 (GOOGLE)
7 178.250.2.150 44788 (ASN-CRITE...)
1 178.250.2.135 44788 (ASN-CRITE...)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.122.14.34 36351 (SOFTLAYER)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 37.157.5.142 198622 (ADFORM)
2 2 52.49.221.146 16509 (AMAZON-02)
1 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
3 4 185.94.180.126 35220 (SPOTX-AMS)
4 4 52.57.149.120 16509 (AMAZON-02)
3 4 18.156.0.31 16509 (AMAZON-02)
2 4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 52.28.203.152 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
1 1 52.46.132.238 16509 (AMAZON-02)
1 52.94.230.46 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
2 52.94.233.131 ()
1 99.83.181.31 16509 (AMAZON-02)
848 131
80    34.68.132.100 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 100.132.68.34.bc.googleusercontent.com
staradvertiser.com
www.staradvertiser.com
19    2600:9000:2156:a800:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a02:26f0:3500:7::17d8:4dd1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
8    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2156:3600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:2156:7600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
15    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.221.248.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-248-213.compute-1.amazonaws.com
staradvertiser-hi.newsmemory.com
6    52.216.147.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sa-media.s3.amazonaws.com
recruitology-static.s3.amazonaws.com
13    34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
3    143.204.98.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-116.fra50.r.cloudfront.net
widgets.recruitology.com
2    35.184.218.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.218.184.35.bc.googleusercontent.com
dining.staradvertiser.com
hawaiirenovation.staradvertiser.com
23    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
20    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
20    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    2a02:26f0:3500:7::17d8:4dc7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2156:4200:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    143.204.214.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-81.fra53.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
3    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
11    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
6    2600:9000:2156:6c00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    3.213.231.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-231-202.compute-1.amazonaws.com
jadserve.postrelease.com
9    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    143.204.201.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-103.fra53.r.cloudfront.net
ecdn.analysis.fi
14    143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net
ecdn.firstimpression.io
ats.rlcdn.com
cdn.firstimpression.io
3    2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
61    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
6    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
15    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
1    52.206.107.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-107-56.compute-1.amazonaws.com
ping.chartbeat.net
2    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
2    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
4    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2600:9000:214f:7800:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
13    52.3.110.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-110-18.compute-1.amazonaws.com
geoip.instiengage.com
eua.instiengage.com
cms.instiengage.com
event.instiengage.com
7    2600:9000:206f:3400:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
product.instiengage.com
1    52.88.84.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-84-193.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
15    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com
cdn.materialdesignicons.com
4    2606:4700:3037::6815:8fa (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
2    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    143.204.98.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-54.fra50.r.cloudfront.net
geo.privacymanager.io
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
2    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
2    34.196.36.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-36-29.compute-1.amazonaws.com
www.i.matheranalytics.com
3    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    52.204.11.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-11-137.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    52.203.237.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-237-243.compute-1.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
3    2600:9000:2156:5200:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
12    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
3    143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net
get.s-onetag.com
3    54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
tag.escalated.io
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
15    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
1    2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
3    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
4    2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
4    54.36.109.46 (France)

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com
id5-sync.com
1    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
firstimpression-d.openx.net
us-u.openx.net
2    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
5    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    18.196.16.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-16-227.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    213.19.147.42 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
20    20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
4    2600:9000:2156:4e00:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
67    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    3.20.170.211 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-170-211.us-east-2.compute.amazonaws.com
dhukrzx4tb.execute-api.us-east-2.amazonaws.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.255.62.202 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS, CA)
tradehouse.advertserve.com
47    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    3.123.114.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
22    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
4    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
26    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
googleads4.g.doubleclick.net
4    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
27    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
7    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    52.49.221.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
match.360yield.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    52.57.149.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-149-120.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2a05:d018:d29:3602:79ce:4a08:37f6:a715 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    52.46.132.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
rcm-na.amazon-adsystem.com
1    52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
ws-na.assoc-amazon.com
1    2600:9000:206f:f200:1d:d7f6:39d0:c781 (United States)

ASN16509 (AMAZON-02, US)
images-na.ssl-images-amazon.com
2    52.94.233.131 (None, )

ASN- ()
fls-na.amazon-adsystem.com
1    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
Apex Domain
Subdomains		 Transfer
129 googlesyndication.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 123
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
742 KB
88 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 318
stats.g.doubleclick.net — Cisco Umbrella Rank: 71
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 277
740 KB
82 staradvertiser.com
staradvertiser.com — Cisco Umbrella Rank: 106722
www.staradvertiser.com — Cisco Umbrella Rank: 120362
dining.staradvertiser.com — Cisco Umbrella Rank: 416907
hawaiirenovation.staradvertiser.com — Cisco Umbrella Rank: 432837
949 KB
35 criteo.net
static.criteo.net — Cisco Umbrella Rank: 622 Failed
csm.eu.criteo.net — Cisco Umbrella Rank: 8392
pix.eu.criteo.net — Cisco Umbrella Rank: 8361
146 KB
28 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 61
39 KB
28 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
892 KB
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 247
3 MB
25 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 370
mug.criteo.com — Cisco Umbrella Rank: 2985
bidder.criteo.com — Cisco Umbrella Rank: 741
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11977
ads.eu.criteo.com — Cisco Umbrella Rank: 8350
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10493
90 KB
24 instiengage.com
geoip.instiengage.com — Cisco Umbrella Rank: 20218
auth.instiengage.com — Cisco Umbrella Rank: 17056
eua.instiengage.com — Cisco Umbrella Rank: 20623
product.instiengage.com — Cisco Umbrella Rank: 20747
static.instiengage.com — Cisco Umbrella Rank: 24755
cms.instiengage.com — Cisco Umbrella Rank: 28790
event.instiengage.com — Cisco Umbrella Rank: 25875
3 MB
24 gstatic.com
www.gstatic.com
fonts.gstatic.com
763 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 279
rcm-na.amazon-adsystem.com — Cisco Umbrella Rank: 20020
fls-na.amazon-adsystem.com
242 KB
22 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
786 KB
22 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 270
fonts.googleapis.com — Cisco Umbrella Rank: 39
jnn-pa.googleapis.com — Cisco Umbrella Rank: 260
storage.googleapis.com — Cisco Umbrella Rank: 485
161 KB
20 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 27760
698 KB
20 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 8583
10 KB
15 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 62706
snowplow.ownlocal.com — Cisco Umbrella Rank: 98025
564 KB
12 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1500
462 KB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
745 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 427
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 432
image8.pubmatic.com — Cisco Umbrella Rank: 577
image2.pubmatic.com — Cisco Umbrella Rank: 796
250 KB
9 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 203
75 KB
9 amazonaws.com
sa-media.s3.amazonaws.com — Cisco Umbrella Rank: 270942
recruitology-static.s3.amazonaws.com — Cisco Umbrella Rank: 168560
h99w9l39sa.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 22212
dhukrzx4tb.execute-api.us-east-2.amazonaws.com — Cisco Umbrella Rank: 14412
324 KB
8 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1248
api.rlcdn.com — Cisco Umbrella Rank: 758
264 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
610 KB
8 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 804
221 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 388
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 793
3 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1455
id5-sync.com — Cisco Umbrella Rank: 635
36 KB
7 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3402
adservice.google.co.uk — Cisco Umbrella Rank: 5284
2 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 18752
cdn.firstimpression.io — Cisco Umbrella Rank: 19589
332 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 503
4 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3217
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3754
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 3679
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 2795
30 KB
6 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3116
108 KB
6 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2366
4 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
10 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 18091
event.insticator.com — Cisco Umbrella Rank: 15106
1 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2567
241 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 447
p.typekit.net — Cisco Umbrella Rank: 549
38 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 725
s.tribalfusion.com — Cisco Umbrella Rank: 2270
2 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 394
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
2 KB
4 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 3739
170 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 14191
448 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 823
70 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11689
www.i.matheranalytics.com — Cisco Umbrella Rank: 11653
42 KB
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1016
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
40 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 962
1 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1753
1 KB
3 openx.net
firstimpression-d.openx.net — Cisco Umbrella Rank: 50354
us-u.openx.net — Cisco Umbrella Rank: 350
576 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 325
2 KB
3 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 98856
545 B
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1469
51 KB
3 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 20182
49 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
640 B
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 106
58 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 127
2 KB
3 recruitology.com
widgets.recruitology.com — Cisco Umbrella Rank: 137331
12 KB
3 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1256
cdn.polyfill.io — Cisco Umbrella Rank: 2012
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1184
mab.chartbeat.com — Cisco Umbrella Rank: 2175
24 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 629
66 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 899
344 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3793
784 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 536
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 545
1 KB
2 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 22093
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 131
114 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 49772
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 31416
26 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 31794
p.cityspark.com — Cisco Umbrella Rank: 21601
26 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 816
74 KB
1 assoc-amazon.com
ws-na.assoc-amazon.com — Cisco Umbrella Rank: 19401
44 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1461
734 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 39779
513 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 554
191 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 729
713 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2546
104 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 46146
104 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2804
82 B
1 advertserve.com
tradehouse.advertserve.com — Cisco Umbrella Rank: 83645
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
39 KB
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1210
178 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 440
1 KB
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1955
164 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1499
342 B
1 azureedge.net
csp.azureedge.net — Cisco Umbrella Rank: 30763
61 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1316
593 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1327
3 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 216
6 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1166
201 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 23465
5 KB
1 newsmemory.com
staradvertiser-hi.newsmemory.com — Cisco Umbrella Rank: 321432
39 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3202
115 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3067
44 KB
848 91
Domain Requested by
79 www.staradvertiser.com 1 redirects www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
67 tpc.googlesyndication.com www.staradvertiser.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
47 pagead2.googlesyndication.com c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
www.googletagservices.com
www.staradvertiser.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
40 securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
www.googletagservices.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
securepubads.g.doubleclick.net
27 static.criteo.net ecdn.firstimpression.io
ads.eu.criteo.com
26 s0.2mdn.net c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
www.staradvertiser.com
s0.2mdn.net
23 www.google.com www.staradvertiser.com
www.youtube.com
d3plfjw9uod7ab.cloudfront.net
www.google.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
tpc.googlesyndication.com
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
22 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
www.staradvertiser.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
22 www.googletagservices.com www.staradvertiser.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
d3plfjw9uod7ab.cloudfront.net
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
20 citysparkstorage.blob.core.windows.net www.staradvertiser.com
20 c.amazon-adsystem.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
srcdoc
c.amazon-adsystem.com
ecdn.firstimpression.io
20 analyticssystems.net www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
19 d3plfjw9uod7ab.cloudfront.net www.staradvertiser.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
15 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
15 fonts.googleapis.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
origami.secure.ownlocal.com
client
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
s0.2mdn.net
13 origami.secure.ownlocal.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
cdnjs.cloudflare.com
12 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
www.staradvertiser.com
11 c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
11 googleads.g.doubleclick.net 1 redirects www.youtube.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
www.staradvertiser.com
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
11 www.youtube.com www.staradvertiser.com
www.youtube.com
10 googleads4.g.doubleclick.net c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.staradvertiser.com
9 www.gstatic.com www.google.com
www.youtube.com
www.gstatic.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
s0.2mdn.net
9 cdnjs.cloudflare.com www.staradvertiser.com
origami.secure.ownlocal.com
d3plfjw9uod7ab.cloudfront.net
cdn.cityspark.com
8 cdn.jsdelivr.net 2 redirects www.staradvertiser.com
origami.secure.ownlocal.com
d3plfjw9uod7ab.cloudfront.net
cdn.jsdelivr.net
8 use.fontawesome.com www.staradvertiser.com
use.fontawesome.com
d3plfjw9uod7ab.cloudfront.net
client
7 csm.eu.criteo.net ads.eu.criteo.com
7 ats.rlcdn.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
ads.pubmatic.com
6 eua.instiengage.com auth.instiengage.com
6 assets-jpcust.jwpsrv.com www.staradvertiser.com
6 auth.instiengage.com d3plfjw9uod7ab.cloudfront.net
auth.instiengage.com
d3lcz8vpax4lo2.cloudfront.net
6 mug.criteo.com www.staradvertiser.com
6 gum.criteo.com 3 redirects
6 cdn.jwplayer.com 5 redirects d3plfjw9uod7ab.cloudfront.net
5 ib.adnxs.com 1 redirects ecdn.firstimpression.io
googleads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
5 adservice.google.com d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
5 adservice.google.co.uk d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
5 d3lcz8vpax4lo2.cloudfront.net d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
5 ssl.p.jwpcdn.com content.jwplatform.com
d3plfjw9uod7ab.cloudfront.net
4 ups.analytics.yahoo.com 3 redirects googleads.g.doubleclick.net
4 pixel.advertising.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 cat.nl.eu.criteo.com ads.eu.criteo.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 ads.eu.criteo.com c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
4 rtb.nl.eu.criteo.com c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
www.staradvertiser.com
4 event.instiengage.com product.instiengage.com
4 static.instiengage.com www.staradvertiser.com
4 id5-sync.com d3plfjw9uod7ab.cloudfront.net
cdn.id5-sync.com
ads.pubmatic.com
4 images.unsplash.com www.staradvertiser.com
4 jnn-pa.googleapis.com www.youtube.com
4 rsms.me origami.secure.ownlocal.com
rsms.me
4 unpkg.com origami.secure.ownlocal.com
4 ecdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
4 jadserve.postrelease.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
4 www.google-analytics.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 ads.pubmatic.com www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
4 use.typekit.net www.staradvertiser.com
use.typekit.net
d3plfjw9uod7ab.cloudfront.net
3 cms.quantserve.com 2 redirects c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
3 image8.pubmatic.com 2 redirects www.staradvertiser.com
3 protected-by.clarium.io c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
3 match.adsrvr.org d3plfjw9uod7ab.cloudfront.net
ads.pubmatic.com
3 us-central1-kube-ownlocal.cloudfunctions.net www.staradvertiser.com
3 cdn.id5-sync.com www.staradvertiser.com
3 secure.cdn.fastclick.net www.staradvertiser.com
3 tag.escalated.io d3plfjw9uod7ab.cloudfront.net
tag.escalated.io
3 get.s-onetag.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 cdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
3 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
3 geoip.insticator.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 www.facebook.com www.staradvertiser.com
3 i.ytimg.com www.staradvertiser.com
www.youtube.com
3 recruitology-static.s3.amazonaws.com www.staradvertiser.com
3 sb.scorecardresearch.com 1 redirects www.staradvertiser.com
3 widgets.recruitology.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3 sa-media.s3.amazonaws.com www.staradvertiser.com
3 maxcdn.bootstrapcdn.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
2 fls-na.amazon-adsystem.com ws-na.assoc-amazon.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 s.tribalfusion.com
2 a.tribalfusion.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 match.360yield.com 2 redirects
2 c1.adform.net 2 redirects
2 dhukrzx4tb.execute-api.us-east-2.amazonaws.com d3plfjw9uod7ab.cloudfront.net
2 ap.lijit.com ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
2 htlb.casalemedia.com ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
2 storage.googleapis.com www.staradvertiser.com
2 event.insticator.com d3plfjw9uod7ab.cloudfront.net
2 hbopenbid.pubmatic.com d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
2 www.i.matheranalytics.com www.staradvertiser.com
2 www.google.co.uk www.staradvertiser.com
2 ad.doubleclick.net www.staradvertiser.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
2 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2 cdn.materialdesignicons.com 2 redirects
2 geoip.instiengage.com d3plfjw9uod7ab.cloudfront.net
product.instiengage.com
2 cdn.polyfill.io origami.secure.ownlocal.com
2 snowplow.ownlocal.com www.staradvertiser.com
2 js.matheranalytics.com 1 redirects www.staradvertiser.com
2 connect.facebook.net www.staradvertiser.com
connect.facebook.net
2 static.chartbeat.com www.staradvertiser.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 images-na.ssl-images-amazon.com ws-na.assoc-amazon.com
1 ws-na.assoc-amazon.com c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
1 rcm-na.amazon-adsystem.com 1 redirects
1 apex.go.sonobi.com d3plfjw9uod7ab.cloudfront.net
1 c2shb.ssp.yahoo.com d3plfjw9uod7ab.cloudfront.net
1 gcm.ctnsnet.com 1 redirects
1 pixel-sync.sitescout.com c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 dclk-match.dotomi.com c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 americanhometownmedia.com www.googletagmanager.com
1 prd.jwpltx.com www.staradvertiser.com
1 image2.pubmatic.com 1 redirects
1 tradehouse.advertserve.com www.staradvertiser.com
1 www.googletagmanager.com www.staradvertiser.com
1 cms.instiengage.com product.instiengage.com
1 tag.1rx.io ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 bidder.criteo.com ecdn.firstimpression.io
1 firstimpression-d.openx.net ecdn.firstimpression.io
1 api.rlcdn.com d3plfjw9uod7ab.cloudfront.net
1 id.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 signal-beacon.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 onetag-geo.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 product.instiengage.com d2na2p72vtqyok.cloudfront.net
1 csp.azureedge.net d3plfjw9uod7ab.cloudfront.net
1 h99w9l39sa.execute-api.us-east-1.amazonaws.com d3plfjw9uod7ab.cloudfront.net
1 geo.privacymanager.io d3plfjw9uod7ab.cloudfront.net
1 widgets.outbrain.com www.staradvertiser.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 aamcf.aamsitecertifier.com www.staradvertiser.com
1 ping.chartbeat.net www.staradvertiser.com
1 p.cityspark.com d3plfjw9uod7ab.cloudfront.net
1 ecdn.analysis.fi d3plfjw9uod7ab.cloudfront.net
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 d2na2p72vtqyok.cloudfront.net www.staradvertiser.com
1 aamcftag.aamsitecertifier.com www.staradvertiser.com
1 p.typekit.net use.typekit.net
1 hawaiirenovation.staradvertiser.com www.staradvertiser.com
1 dining.staradvertiser.com www.staradvertiser.com
1 cdn.cityspark.com www.staradvertiser.com
1 staradvertiser-hi.newsmemory.com www.staradvertiser.com
1 polyfill.io www.staradvertiser.com
1 s.ntv.io www.staradvertiser.com
1 content.jwplatform.com www.staradvertiser.com
1 ajax.googleapis.com www.staradvertiser.com
1 staradvertiser.com 1 redirects
848 153
Subject Issuer Validity Valid
*.staradvertiser.com
Go Daddy Secure Certificate Authority - G2		 2022-01-29 -
2023-03-02		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-31		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2022-03-07 -
2022-06-05		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-23 -
2022-10-24		 a year crt.sh
*.recruitology.com
Amazon		 2021-06-13 -
2022-07-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.analyticssystems.net
E1		 2022-04-05 -
2022-07-04		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.aamsitecertifier.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-05 -
2022-05-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
www.google.co.uk
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2021-07-22 -
2022-08-20		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2022-01-03 -
2023-02-04		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.azureedge.net
Microsoft RSA TLS CA 01		 2021-10-28 -
2022-10-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.camp-fire.jp
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-20 -
2022-06-21		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-03-21 -
2023-03-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.execute-api.us-east-2.amazonaws.com
Amazon		 2021-07-31 -
2022-08-29		 a year crt.sh
*.advertserve.com
Go Daddy Secure Certificate Authority - G2		 2022-03-03 -
2023-04-04		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-05-10 -
2022-07-09		 2 years crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
ws-na.assoc-amazon.com
Amazon		 2022-01-17 -
2023-01-16		 a year crt.sh
Images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-02-01 -
2023-01-02		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon		 2021-10-07 -
2022-09-20		 a year crt.sh

This page contains 66 frames:

Primary Page: https://www.staradvertiser.com/
Frame ID: BBF70880DC10A00389EF49B522A427B9
Requests: 274 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Frame ID: 2564F89F182A1E8188277437C7C7C9E5
Requests: 22 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: DC06A72375C4BC350D5CFC604CB65039
Requests: 20 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: EA9EBE73223AB8D077FB82F3959917AB
Requests: 18 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: BAF0CAA7AA833DCD09136D16F61E7047
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Frame ID: E9C2678095F5B0C0063105BAB657F320
Requests: 7 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 34A2F6E93492DBA6223E6258A27AE5B3
Requests: 10 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 281DD1F6E449487FA4B26FB36B721395
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 8BF1139EB841C936A518A80CC6D1805E
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8DF338E95CA81D299ADC4BDDE6C3B378
Requests: 1 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Frame ID: E7A41E9828F21C5B451DBD94F58295A5
Requests: 15 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: B9D0C9E4318C1742F07A8C694DDF300B
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 1E52207D7D9C1610448D4F1FC1A1E2AE
Requests: 11 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3108158AE5626BA04922C56E7FE9B7F0
Requests: 18 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 01DB6AEB12A9F854011C3905CA53E89C
Requests: 20 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FE2F77FCF1875E6734C9F3A98B4EE87
Requests: 20 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 6A5DD05BA665B266B827A4A32938A773
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 5E3B35728F0753CE526FBF1DCB2EEF10
Requests: 27 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AEBE1797D172EBBE13ADD0CFDE6A0469
Requests: 12 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D162C5DE577987CF8E2FB5E5E5DD4C2A
Requests: 12 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1EEE1B5CDBE0BF7FCE0892F13BAB95A5
Requests: 12 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 38C94EF4BA1D77ECF3F1891523763F9C
Requests: 4 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: CDE31215B86E329E0AE22FB6959D0F99
Requests: 8 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 66E68D11C641A0A1524174CC5ADEEE89
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 3222940FDD7C7D4139CC77E8E0738A27
Requests: 27 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 8C9720A0CE41BAA864BAF9589F5BA28F
Requests: 12 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 87C24AF6447F6B00092E010CAE737CA6
Requests: 15 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 37C0468B145FE5A5651FFB6E0CA32C6D
Requests: 16 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 7EBC2A576D35B129097E5E479E00BF94
Requests: 3 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 48CE4CA97307413581E7662D41BFB1DE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGODkscQBMAE&v=APEucNUkFK6K7dLzC7L_5tjcM0ZOwJtIKMyxQVl2AkivBRDOd6ghWudRFqsd_Xof3elu8cV_0C_s6ZDAWt4k1yG5FWmsmhKv0RiqgjmMcIf9GNkyWAmNHjNbHUWmkfLhkM6tgdrhCpprkSBpIhhIEq9QI4S0JO2-1duykfmzmg6AIHVqrRyptuc
Frame ID: 6510149D3DDFE75BCAF8AC673A10F759
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: D063591C7E56C490BCE592494B1F2882
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 1429AA54EE19B6C5FA51D1EEA9A0E5A6
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 1D7110B85B62143D72B3C087BBCCE0EF
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJVOLTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIsCT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLSyKFpejytV6-sTZ7a3limYV6JJgdqDfoKAInfU5yV_cRTMR_-q14AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=_YmCbH9VTfo&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE
Frame ID: 65A27670A903B4BBE46934C170BB5C50
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 4E9429336FBB1BB4820ED5A480682560
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEPPg0pcDGLjPssgBMAE&v=APEucNXl2X7PLz_dcHue4VPhkcHs_Ohmp0AxeOfuo2HvU4FRF-xJwy2cFeC440HXitF7xo-o7S8bz47A3jU6EngGLUIT9UvIzg
Frame ID: B3639DB829E70B1501E529FB0CCE93D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCF7YyRAxj6xuzDATAB&v=APEucNWprOgsVFeJBcA79n10ra5s3pGCZrerx_suQpDiTmOYRZn4BOclgSn2I_ASzjBC28FyyyLWoqpnVpgyI-oJAoBnmLtovg
Frame ID: 6CE25067E67C978584B17A42F4E72A63
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: A6019B5476CFB123B12A83D2FB158787
Requests: 9 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 1B9CCF4AA21CBBDFFF8B7B822EA59294
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7FDEDBD358389840350680CB259AFABB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 2EAC84F824641A3247D127EE7CDB613D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F949C88F0AB1B1C799FAFC01A92CCB8A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 271E636ED5D95F02E68EC1E0B351E15E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18013A4A26B16F9E8BC7FEB9BACF15E4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7149ADDCE16CCB3A1EC72E1E9274A1E0
Requests: 3 HTTP requests in this frame

Frame: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 558A0706DAC01A104B9BD1676F636D7E
Requests: 1 HTTP requests in this frame

Frame: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 092DC83353704E4A78ACDE3EA78A222D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9851F40C207679ED880ECA523763D679
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EAD8371EC072EC50B981ADC43762700B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD6E58F1D561EAD99783CCEED27FB661
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 950CF702E5AAD67E85795DFB9660FDD7
Requests: 2 HTTP requests in this frame

Frame: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2EBEFE002097EB080A2A1B3AED43FC5D
Requests: 15 HTTP requests in this frame

Frame: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 609D9D9A6AEC4BEE2946685F80B43ED8
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C29A1A4E5541B991A1BE6DE8A3F0FC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0774D667DEEBE7FDCFD9D0D8917164E4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARic-P3EATAB&v=APEucNXKXsQ-IVZra42wTuXtRirrx4OMswOdQNGAO07cB2v6SEHMndf2qsrDHa7mHjemxSSW9s3kQ1LJGSnRMLKVQp1Lq7dhnB290aEfKy7zeiRfjWKyfvmPX-hZ_4J4dAM_RSWj84evFlqZ_hE1gGtci95-cewm3761THAXI15ay_Ac1OqFpks
Frame ID: 36C9863D638558453190F3BDEDE90D27
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiL3v25ATAB&v=APEucNWi2wcZ4m9G9Zzh25TCs1OPLw1NdYTEDGd5Wu8qTFYzgSSV6YIzjeqXaE7owx47gkqIB4zer-5z6iED8H1POP06BKA7GcKFE_xeyRJnFy1oekD8UFTHXqvKp60N6xky-UsG-yPEkP6BVGI1CzRiL3UVSHgbDQv2r00Ww91EgB3v-zNsAWo
Frame ID: 59E9FD16A1DCB456A278DBF6ED7165D5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 637AC490DCE0D259DBAA9234CCAE48A9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF4484E1C482CD383DAD04AB2FDC926C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Frame ID: 6395BCF39DB9839E9A216089433C92C1
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
Frame ID: 3CA29431D1D0C02982E1CE5A55AD5880
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EBE9C73A1FD1AE92BF031249619D78B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D3CE0C0A847FE1DFA9ECDEDA2A9D1E45
Requests: 3 HTTP requests in this frame

Frame: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 94E5A2CE99DAF93EA4CFA51EE9731049
Requests: 9 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Frame ID: 3FDFDD08251BEB08CC75521C028CF07F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hawaii News | Honolulu Star-Advertiser

Page URL History Show full URLs

  1. http://staradvertiser.com/ HTTP 301
    http://www.staradvertiser.com/ HTTP 301
    https://www.staradvertiser.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

848
Requests

93 %
HTTPS

45 %
IPv6

91
Domains

153
Subdomains

131
IPs

9
Countries

18131 kB
Transfer

37155 kB
Size

74
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://staradvertiser.com/ HTTP 301
    http://www.staradvertiser.com/ HTTP 301
    https://www.staradvertiser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1593 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
Request Chain 162
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Hgd6IHxQYjJETXY3ejFoMm52NENFQWpDb3lSajJMNnlyR0t4QnFjWUh2Q3NZNUErR25VUXgxY1dybUdJcUxJMVpqMUZPQjZocW1hTTJCUlJtSHhDS1pMcWZ2UHJWYmVxZnk4VDQrelpXZlN4THR1UEtNRnBnOUpEV0xCOGtQWDdOQW9COXZMRDJRN3BiaUloMWlFOVg2NDZKeGpSaUdNQVplMlAzT1E3MSs2OUJQOURSc1pLdmJmcWFWOHlHYUFlL1JJQktoSVBjRGNsNEh6bmdERjNJOWdGQVBFb2tnTTh4T1JKM044T3pkanhtdXkxampvYXNiMXRNWVFiU3VhQ3hYckdOfA&cppv=2
Request Chain 184
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&ns__t=1651224909302&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1651224909302&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
Request Chain 191
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 193
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 196
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 218
  • https://cdn.jwplayer.com/strips/UPf3oGCX-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/UPf3oGCX-120.vtt
Request Chain 220
  • https://cdn.jwplayer.com/v2/media/UPf3oGCX/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-720.jpg
Request Chain 221
  • https://cdn.jwplayer.com/v2/media/5fywZp8i/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/7r3esz8x-720.jpg
Request Chain 222
  • https://cdn.jwplayer.com/strips/5fywZp8i-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/5fywZp8i-120.vtt
Request Chain 277
  • https://cdn.jwplayer.com/v2/media/UPf3oGCX/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-120.jpg
Request Chain 526
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDk5MkQxRTgtMkM3Ni00NjIxLUIyRDMtMUNBMUZFN0FCMTYw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 584
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1
Request Chain 585
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmuxUs.OnojhGGWNUnpngwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1&google_hm=2
Request Chain 586
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKp8dvY5AnTc7TXP4l78R_Q&google_cver=1
Request Chain 587
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzUyNjUwMDEwODY5NjA4OQ%3D%3D
Request Chain 664
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=7O7MSF8zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29JUURUVDBxbTlNcmFVNE1yV1hub3VuVEpJaFVoYVhReDNPN0NMMnRRQk1xQjN4ZXFhVzc2a3I4JTJGdEdjcVZMTkVGVjJjQW00ZG0zR3IxbkQxVFZCZGxOSklneExLMFdvT0dLMVZQSW56ZFlx&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=0l-Sx3x0OEQzc1M3ZStmYUpFOEl0SklmUkdwUVA0N0Y5TVdkaVlkcEJFQUhZRVRLUFdpclZyaGZCdVBGWDFLdGQ4S3dGVk5pbXZVeWlzR1JHQndTVG9JM2ZrUSt3UkdLRXJHS0tQaFBJSW9BcFlObzFpT1BMY0drekpHOUpjZjhhU1lVbVRmbitCMDcvUEhSSUM4VEovVGNnTithYVlmZWZZb1pjSnJONU5UOFROZFhOUUl1czgydlpHMTI3QnJ4MUZSbmtoWW5XMXlVZlp2bGVTVThYRHdtUEZJSUcveng3bTZvVWxhT3hMNXNuVHI4LzdwMHh6TTFKMjN2U3lJd1JNNElafA&cppv=2
Request Chain 667
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=7O7MSF8zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29JUURUVDBxbTlNcmFVNE1yV1hub3VuVEpJaFVoYVhReDNPN0NMMnRRQk1xQjN4ZXFhVzc2a3I4JTJGdEdjcVZMTkVGVjJjQW00ZG0zR3IxbkQxVFZCZGxOSklneExLMFdvT0dLMVZQSW56ZFlx&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ES0Bc3xUTWM3RWIwT0NTb1NYUHIvR2FSanMvZzVkN1FwTGhMWkpjM1o0WXhhMjllTzNoOVBSNWt5RjZVck9MQ3VuM3craUZrdkV0Zm94alR4aFFVMDNDM29kK2YvcnJmQ3dxTUtSOHdtTkdaRFdRMWlrTVVSdnlpMlppcTNxUk9WUGV2K05IbmNPTkV0dUNjRmI3bTh5MFV3NnFwZHJ1ZkVBZG5aRHNuRk1KTG5QeURPRjJXQjR1cW1hd2pJd0IxRUFKU0R5V2pSSGdwZlY2Y1JUcWlzT3J6T2dHam1WWWhrbWkxUmMzTzBKd25uUWFaejFTSVM1dWwyNDd0NlIyYUJnbkNqfA&cppv=2
Request Chain 694
  • https://um.simpli.fi/gp_match?google_gid=CAESECF3ipNEgl0r4pySGm5UTEI&google_cver=1&google_push=AYg5qPITeG_LZtjO4eXfXuIidXx3c5FzdXNk8MXvxyxAUaxjI_W5fDtUII0e6t4DNJgw8x7Rq3KcHl_GIFVu4QaBVEI8cD0kEqNh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FC55686B2FF4B83A59903DAAD9C4A27&google_push=AYg5qPITeG_LZtjO4eXfXuIidXx3c5FzdXNk8MXvxyxAUaxjI_W5fDtUII0e6t4DNJgw8x7Rq3KcHl_GIFVu4QaBVEI8cD0kEqNh
Request Chain 696
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGAMVZLCpqS6NGW7ZrUPKos&google_cver=1&google_push=AYg5qPIADzzYLWcXaOjyfsOT8bLPAkUMWnE83vE6w7HlLqJfvBQ0MCZbnkS1eJT96ImEBBgFOGnJwCtS9NewszuxJUsZRt0IkKav HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIADzzYLWcXaOjyfsOT8bLPAkUMWnE83vE6w7HlLqJfvBQ0MCZbnkS1eJT96ImEBBgFOGnJwCtS9NewszuxJUsZRt0IkKav&google_hm=Ud6iYvleRo63xcGUm9Tjj2Y
Request Chain 697
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHJzhA9XuDYreBNUGpxnhGo&google_cver=1&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fjNzg7EsZzLjPoApsw9XdU0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHJzhA9XuDYreBNUGpxnhGo&google_cver=1&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fjNzg7EsZzLjPoApsw9XdU0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMxMDkzOTk3MDI4OTAxNjUzMg&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fjNzg7EsZzLjPoApsw9XdU0
Request Chain 698
  • https://match.360yield.com/match/ebda?google_gid=CAESELoDIXSFRg29Akl9KBF2VCA&google_cver=1&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a_yadr5uUHnc HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELoDIXSFRg29Akl9KBF2VCA&google_cver=1&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a_yadr5uUHnc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1ofP53E0RuWZ2Jvq5k0kHw&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a_yadr5uUHnc
Request Chain 760
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgMZKdy2ugXnNfqU6e927A&google_cver=1
Request Chain 762
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJWutVfNDX3JB5xYfU1n-mM&google_cver=1
Request Chain 768
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBwmVIiYX6n4UhMoIbrXsYM&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBwmVIiYX6n4UhMoIbrXsYM&google_cver=1&__user_check__=1&sync_id=adfa1ee3-c79f-11ec-9086-1189f5600306
Request Chain 769
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=adf2e5a9-c79f-11ec-91ed-14604df00206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWRmYTFlOTYtYzc5Zi0xMWVjLTkwODYtMTE4OWY1NjAwMzA2
Request Chain 770
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc&verify=true
Request Chain 771
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBhZGYzNjY2Zi1jNzlmLTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
Request Chain 793
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAuZjO45wni3XHNGpSTPjm4&google_cver=1&google_push=AYg5qPI_0ILtJziLSWxdgu7hg1H4njX-qXsF3ofR38knrIPihZluLRnA14ra8cBnWnGGSx1fzsZnryxggC5EVaSzZFcssRcE3His HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI_0ILtJziLSWxdgu7hg1H4njX-qXsF3ofR38knrIPihZluLRnA14ra8cBnWnGGSx1fzsZnryxggC5EVaSzZFcssRcE3His&google_hm=ZtCa7GXjbWo_LWeKUHDvSQ
Request Chain 794
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 795
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEESQD_Ue6d1qa7ewn6nYQ7A&google_cver=1&google_push=AYg5qPL1eNUGGAdK_l6ClwJDJ38vrz1JjEshpqod_bEFlWDIg4p_caqml6D-2RLXnQkRLrpv1mqJFrvQLEDARyJbeFWpyfvc9aKG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1eNUGGAdK_l6ClwJDJ38vrz1JjEshpqod_bEFlWDIg4p_caqml6D-2RLXnQkRLrpv1mqJFrvQLEDARyJbeFWpyfvc9aKG&google_hm=MzU3ODUwNDk0NDg3NzYzODk5OA%3D%3D
Request Chain 797
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAuZjO45wni3XHNGpSTPjm4&google_cver=1&google_push=AYg5qPI7kqOU1xpyfTKB31Jx-sbWyiNrqS8NkiuSGxK8NYcY2JZ8_03SUt2GzME-VILta1YQW6Pp6zu_WDlqk45YkTP2QXqikhathw HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI7kqOU1xpyfTKB31Jx-sbWyiNrqS8NkiuSGxK8NYcY2JZ8_03SUt2GzME-VILta1YQW6Pp6zu_WDlqk45YkTP2QXqikhathw&google_hm=ZtCa7GXjbWo_LWeKUHDvSQ
Request Chain 798
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 799
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEESQD_Ue6d1qa7ewn6nYQ7A&google_cver=1&google_push=AYg5qPLjqBLBF-Bex7AsWVnX-MXj-MPjB_yS9M1QMW3uqjQv_KKXce7Au0EGv58aKOwfB-ws_kybxEDe514LdTuNAgK7WxQO2R2pgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLjqBLBF-Bex7AsWVnX-MXj-MPjB_yS9M1QMW3uqjQv_KKXce7Au0EGv58aKOwfB-ws_kybxEDe514LdTuNAgK7WxQO2R2pgA&google_hm=MTI0NjgzMTcxMjgxNDgwNjY5NQ%3D%3D
Request Chain 853
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20 HTTP 302
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20

848 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.staradvertiser.com/
Redirect Chain
  • http://staradvertiser.com/
  • http://www.staradvertiser.com/
  • https://www.staradvertiser.com/
365 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
8225f32dcf67aff11c3e51d3d4c3b53a3ef0330b9ba446375cdd357dbfdbb003

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Apr 2022 09:35:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-json>; rel="https://github.com/WP-API/WP-API"
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 125
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 29 Apr 2022 09:35:07 GMT
Keep-Alive
timeout=20
Location
https://www.staradvertiser.com/
Server
nginx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ 		243 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b5763181df3509efbc1e0c2b6625586e64429c6761644390a256dd20aa11444

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
PHWAuUu3JGxnzZfGw0a6uN2SUsAIAyiy
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
3213
etag
W/"8f621d97304e084e568f63521887db3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Fri, 29 Apr 2022 08:45:50 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6uxrTu1CBK4vApRBOeZAhlqHBJRNjsS6dn0fjhdvULR1tWbUSRwGaQ==
pubcid.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Fri, 13 Nov 2020 19:41:56 GMT
server
nginx
etag
W/"5faee184-e358"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
529839
cdn-cachedat
2021-04-23 07:18:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3dc67c43f5f695f65a3234d8a4ac94d0
cf-ray
70370bbabf8901f0-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 29 Apr 2022 09:35:08 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18639950
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nsSz4YnPLNFfAh7pYCHl7F%2BXu6RHCAfi%2BPwWxShHP61iMTdDsWKxGH7WQrQyC3DLeR22GI1Ra6jJFPQyQEiEfRcU3T8JYwsc%2BNGCWmmVz0ww1ki9f3B5xZFT%2F0LvwV%2FfFL2GPEBCM8bLbi8PNl1fz%2BB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
70370bbaceb483a8-MXP
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 13:16:35 GMT
x-content-type-options
nosniff
age
245912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 13:16:35 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:46:52 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 00:18:19 GMT
server
nginx
age
2896
etag
W/"625616cb-595b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0Z2TvB1aIbh7rUsS0RM94aShYAkGLa37TZ-AOsd0GKzYPzz_VsibjA==
expires
Fri, 29 Apr 2022 10:46:52 GMT
ZoPFXSjg.js
content.jwplatform.com/libraries/ 		127 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/ZoPFXSjg.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f6714bb27f26b0d8aebe31f5a856ccd59f3f07636f2f23a9c0ad28307090fce2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
44478
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-amz-cf-id
HG4gmkgJHqB29chWYBtBJTQx6ma99B6ENx_jJQe68PUKITQW5UHx_Q==
expires
Fri, 29 Apr 2022 09:34:46 GMT
hsa-jwplayer.cmd-hsa-minified.1601588720.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hsa-jwplayer.cmd-hsa-minified.1601588720.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 21:45:24 GMT
server
nginx
etag
W/"5f764df4-2eb2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
load.js
s.ntv.io/serve/ 		394 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2be8a335f1c123656c3becf260436dc05941f744ab714686d70df5574a198ec9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:08 GMT
Content-Encoding
gzip
x-amz-request-id
G495TQZDCYZ9WCW5
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/SQZMFurhYoaPirdIQXGsJ0NJ4oEcWybuqgkl0uRD63haQ+bTpCHeSg0KVKZyEOW/yA2AahzY20=
Last-Modified
Thu, 28 Apr 2022 22:29:19 GMT
Server
AmazonS3
ETag
"d6ae33b53b9bbabfdb872df380b09c5a"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
usprivacy-string.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/usprivacy-string.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-4e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-1158"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi_call.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi_call.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-899"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
polyfill.min.js
polyfill.io/v2/ 		222 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Tue, 05 Apr 2022 12:43:12 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-mxp6939, PASS, fastly;desc="Edge time";dur=12
accept-ranges
bytes
content-length
126
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22d2dbc568d9b2b5842846a10a2f884a2612cc721ebff2864a8d710bb7151991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 08:02:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:07 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.js
www.staradvertiser.com/wp-content/plugins/hsa-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:07 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-logo-white-small.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-19dc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6620
longs-drugs-logo-v2.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/longs-drugs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
"60c805fa-914"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2324
sa-logo-large.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-large.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-4056"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16470
mostly_cloudy.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/mostly_cloudy.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8a9c802ab8e5a4b047640d7274355d39aedc2d353f5762552fcf5a77a374b573

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-4cc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1228
getprima.php
staradvertiser-hi.newsmemory.com/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser-hi.newsmemory.com/getprima.php
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-248-213.compute-1.amazonaws.com
Software
Apache /
Resource Hash
647498a8efc5cf57506021c903344f7e4b78c2570926238744518c38a21e1230

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:08 GMT
Cache-Control
max-age=900,s-maxage=900
Expires
Fri, 29 Apr 2022 09:50:08 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
image/png
big-q-logo.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/big-q-logo.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-2806"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10246
SA-LocalBusinessGuide-982x300.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-982x300.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:09 GMT
Last-Modified
Thu, 16 Jul 2020 21:43:25 GMT
Server
AmazonS3
x-amz-request-id
2KSNJDVYNYWHKWY6
ETag
"1b3f2c17628b6f0face0aba72b58a731"
Content-Type
image/gif
x-amz-version-id
N.oxyDEQv3OEdP44ADgABZ71w4.UpJZ_
Accept-Ranges
bytes
Content-Length
275925
x-amz-id-2
ej+78GgiteAuSrno6hTSTCcZ3tec/xqHCOXw4A10oR7mZ6lGmOsRDeOMWkwRN5zMq0fiNEOUaWI=
fv-play-btn-1.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/fv-play-btn-1.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-d24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3364
loader-sa.gif
sa-media.s3.amazonaws.com/images/redesign/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/images/redesign/loader-sa.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:09 GMT
Last-Modified
Thu, 09 Jan 2020 19:44:41 GMT
Server
AmazonS3
x-amz-request-id
2KSZXYK6EXBAPZRH
ETag
"5482571331280690fa02f6d418610e2f"
x-amz-version-id
GPY34XsOEB_u0Uf8iwc7gZbkwoeYJPhF
Cache-Control
31556952
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
16428
x-amz-id-2
DLI8QkJ8IF3XHrhBkI0hwfcilNg0ZYRZvlWGhbb2oHdVmmODsxUZ+iQF6HeyVztrYDdkdR/GZP8=
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:23:27 GMT
age
40301
x-guploader-uploadid
ADPycdu25KJ8FPgKOfoU5uGWIawgMrijKAy5g1LZLVqgUlK27MPaLk6PeCfy9gx3fcPsEv6BLyMIOBUUonZ7EqtnROZu4G60lM6t
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
last-modified
Mon, 19 Oct 2020 18:40:43 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation
1603132843078573
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 29 Apr 2022 22:23:27 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BB8) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
225087
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (mil/6BB8)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cc53e7ec-901e-0066-05a0-59b72d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
widgets.recruitology.com/scripts/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-116.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa6638fd6b14135367c46826b3dfea605fa7da5cca33ad8c2429456508826bc9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 02:31:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"8ce79a3beb278ff74c068a562ca479e7"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
9tlYl6FCbJXBc6D5ctNv_rwuctDQhGL08FOS4QnGM7iJWbNZFFceGQ==
expires
Fri, 29 Apr 2022 09:34:23 GMT
DO-Cover-042322PESCA1-TGrillo-180x180.jpg
dining.staradvertiser.com/wp-content/uploads/2022/04/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dining.staradvertiser.com/wp-content/uploads/2022/04/DO-Cover-042322PESCA1-TGrillo-180x180.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
296f930cd2b76e267d23f736bacb316afa96ca56a6407ce919fb01c818cc1e07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 25 Apr 2022 20:35:32 GMT
server
nginx
etag
"62670614-29e6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10726
HR-042422-Pacific-American-Lumber-LT007-150x150.jpg
hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/04/HR-042422-Pacific-American-Lumber-LT007-150x150.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fd5313c41144897d6218a4c351b580087909c85578a445e7028442a2206eb963

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 25 Apr 2022 21:52:53 GMT
server
nginx
etag
"62671835-314a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12618
YoungatHeart-032522-300x244.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/YoungatHeart-032522-300x244.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
419e764f9ea4545af6ff436304d2b73f965e7d5883cade5ee3519d0e8d64fc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 04 Apr 2022 18:18:03 GMT
server
nginx
etag
"624b365b-524f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21071
2022-HHRS-242x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/03/2022-HHRS-242x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a20b0a28acbaafc252c351568cea2945799c82eda5e954787a5b39d7dbdd4aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Tue, 29 Mar 2022 01:48:05 GMT
server
nginx
etag
"62426555-4be0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19424
SA-LocalBusinessGuide-RightRail.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-RightRail.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:09 GMT
Last-Modified
Fri, 17 Jul 2020 01:10:19 GMT
Server
AmazonS3
x-amz-request-id
2KSNHAKTVTZ82XYX
ETag
"4de67d2a7b83c7aa57c53c16e04f45fe"
Content-Type
image/gif
x-amz-version-id
6IbaSWxCO7LzRPA4INzeWwcVLvh1Iht9
Accept-Ranges
bytes
Content-Length
33694
x-amz-id-2
NZzE1Zf2FY+5Vo6GglSe9boD5TZiQJcA01L4e6wqmbdaCb8CpaK6DkRCEcUSDFMxFv6+meF/3RM=
20220428_WEB_-HSB-May-8-1999.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/20220428_WEB_-HSB-May-8-1999.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1b8c7fbb3b8804b4cfa4e5debed42582a3b193603a1dabd155fb814c7e93fbe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 00:52:15 GMT
server
nginx
etag
"626b36bf-1b287"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
111239
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
81551509564a472b80706cbbb8ad91d0eac7bc0ffa81eb920c6dfaec47838939
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Fri, 29 Apr 2022 09:35:08 GMT
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.js
www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 07:01:13 GMT
server
nginx
etag
W/"60fa6939-3583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
functions.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
server
nginx
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
underscore.min.js
www.staradvertiser.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
etag
W/"60aff3ff-4a84"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
facets.min.js
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
www.staradvertiser.com/wp-includes/js/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		87 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370381
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PG9uYbkhv3pvp1T7SYciNXLnsbDDi7dK%2B%2FJY%2BsEX9oZ4b8RpdpHktMw8HB9Z1vwbThV8xigR%2BpgMINznSSwj%2BzgmZh1BQEBm5E8769RXamPxw4twBlZMVPzTc6jjfHC0tiig6Hf%2B2FLwK5BFpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
70370bbdf91acc36-ZRH
popper.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4367205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4wRN4sjXp22cTrFcP0X5Y4BH6vqwySlwd%2B01VVYCV2M%2FELlkj8HfsAsY7nxwNdaxQjx8gZwu1louqxWT8Y7o%2BqxIahC7%2Fno4SgJ0XmHmWn7BYR3uX2mlCC4c4xUFVX7tlj5tEvfzvcnm6NLh3VfRsj2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bbdeff6233d-ZRH
expires
Wed, 19 Apr 2023 09:35:08 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8511562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7qNnFNGDcG4QIslGTRvyZdJ49a3WqjpS%2FpZwmCJEkkIVx8%2BNl%2FB1P27YykmXRrw5UQ2ND4hhY2tagMM1ttxDeMIt6INHAdyqqN3jaqOyy4Ost%2BxhE3tgwgl%2BTM51imkrlTNWr6ZMrieon9atbAve7o7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bbdeff8233d-ZRH
expires
Wed, 19 Apr 2023 09:35:08 GMT
hawaiian-text.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		915 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hawaiian-text.js?v3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-393"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom-author.cmd-hsa-minified.1642203097.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/custom-author.cmd-hsa-minified.1642203097.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
33c002e144d2f01a2b5ed89a40dca710f0ac4d04fe7e3ca0ccfedf93e4adbb63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 23:31:42 GMT
server
nginx
etag
W/"61e207de-29cf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/client/impression/ 		0
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=799048&referer=https://www.staradvertiser.com/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AhnmlgS0EuCpgAzaFs0OB09%2BQajQ2zq0o7ngJGv3PSFOhULekfYNt0M%2FhsA2r0E0DpYv19ScqEnQMfBEA5Ev2VemR4pUkaqdVNNBimev4Z4slbP9mYffcQoN50%2F0lyij0uUdcHKRzySpuck3TV6ql10kg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bbf59593751-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUTlWVCuyW_tkAOKKC
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160074/3146// 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160074/3146//pwt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:22:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"11c1a63-2a268-5cd3b5de565d2"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=148307
accept-ranges
bytes
content-type
text/javascript
content-length
55348
expires
Sun, 01 May 2022 02:46:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:25:19 GMT
content-encoding
gzip
age
588
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
095K6T3NB79CGQG4Z6RK
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6rwgYePAEKCTFvnF9WIl7_JPikU3fRLyIsoCF-UUaf5ligm2JEEfdg==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72c47cf501e7ec69da0a142c9c696f0b9c9d8f90a4d3d86bb72f6226f2bd7386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28748
x-xss-protection
0
server
sffe
etag
"1199 / 512 of 1000 / last-modified: 1651183671"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Apr 2022 09:35:08 GMT
prebid4.15.0.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/prebid4.15.0.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 02:08:00 GMT
server
nginx
etag
W/"602b2900-3117a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4677
date
Fri, 29 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 29 Apr 2022 10:17:11 GMT
aam.js
aamcftag.aamsitecertifier.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4200:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 06:32:58 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 19:46:45 GMT
server
AmazonS3
age
11361
etag
"d01602293dda6546ca8f8ededd0e44e8"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
25648
x-amz-cf-id
_yfD-HhAqRbS62XxOiKR5oj4bhsGENUfSCoK1qUZQjZwNMMzM-kJeQ==
x-amz-meta-s3b-last-modified
20210201T194158Z
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b078a887633e489bea3993a5932c0b2d4d4041adcfb43a0d0465e1d38c456c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
0zLVNzRwH8kS7t0tRoWm6vNZ4sIbrPUp
Content-Encoding
br
ETag
W/"74ae308b1903b82a57cbe469cd6941bc"
Age
16
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 27 Apr 2022 16:53:20 GMT
Server
AmazonS3
Date
Fri, 29 Apr 2022 09:35:08 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
Rl7u71u5CjzSwZU9lwLMk3RwKMHnd_NCTQALD3w5Jm7qQw2H1NPtPg==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:58:19 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
23666
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
zOvec462ZgNF44lykWBPZwgsXkRPBjHvrxnFPQ6OJDh76XO4f5JQOA==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
oYml3umm8fWMAUK+HFY2frUo8T0PXSpvA9gugFbW13z2PnEJIS/EMqpTN1mLCdlAbFJDHSK+bwG5rRbciCGpAw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 29 Apr 2022 09:35:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bg-ad-black.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad-black.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-40b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1035
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
512978
cf-ray
70370bbd9e0a83a8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
X5BtRJwm80DM5m9v0wvp491dutVPKMpPDzmTh0VGWjhu06MTJGkQJxKmeB74rLntorcRRPzZ/y4=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAOzQ9Jyia4R3bU%2FvJtGbeQpMQas22xc4fHb%2BQnRwcNaCFy9chBsofuFk6OdOeS%2Fe0FrVo4TMtKty7YojvX5BFNDUff8vCVMPx6gz9VrxORiFpBMCK%2BKLhhfyk4U2cTKD%2BCMVqoaFTTiUMjG3QpvmgM8"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
MKN2M25X5SQ15P5M
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
bg-ad.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-3ac5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15045
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f

Request headers

Referer
https://use.typekit.net/wsl8gsu.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34860
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12721463
cf-ray
70370bbdcebe83a8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12216
x-amz-id-2
sYRWODIhhHl0ZXqtAD+7kXl/BbJU4CR/Q8T5Gygt5SDrolFvT23qtGpNx0KNIJ2fXu3j1tUYh7A=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bplRxPDLCqNhnntXeGOEe8KJ6sw%2F%2BmgESo%2FswHnQ1VJp18bDnSSjFApuTwK4OdpZLAKe6C9yVWVGdkqTxpiNOVir1LffA1MzkLfStZg36%2FarxFTeQQ7BG%2BnhqdGpEU58yLCLCCcfXQgh1MjebRoSy7bh"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HMGHCVK8K9SZWF
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
web1_AP22118720846867.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_AP22118720846867.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c6a06df3cfb74c5f9607fb80a851fff26753ae79393aaa559b99c8a795494271

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 00:47:55 GMT
server
nginx
etag
"626b35bb-ea89"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
60041
web1_20170218-0286-CTY-HPD-HQ-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20170218-0286-CTY-HPD-HQ-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8201af9bbcf421c490ef9dece80620c235a5bb690b2e752f0ba88cde14e158eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 08:44:05 GMT
server
nginx
etag
"626a53d5-3f6c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16236
web1_050422-WEB-David-Ige-300x177.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_050422-WEB-David-Ige-300x177.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
be636d017ee1646b335cb4a9736126947e96ff6f9475a97dfb679bbb893c3951

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 17:14:35 GMT
server
nginx
etag
"626acb7b-2487"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
9351
web1_CTY-WAIKIKI-BEACH-2-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_CTY-WAIKIKI-BEACH-2-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
554db807a6ac5cfda44cb03bf03e80f1177f53d03d8890b4a917cc2b0686d986

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 19:40:24 GMT
server
nginx
etag
"626aeda8-47eb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18411
web1_CTY-kuhio-hwy-3-300x225.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_CTY-kuhio-hwy-3-300x225.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
24e983068ad09803fd40dd74557824b5a066d61ab84aa78ea95a573bf682f0d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 08:03:27 GMT
server
nginx
etag
"626a4a4f-4c95"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19605
web1_20220105-web-Keith-Hayashi-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220105-web-Keith-Hayashi-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
97b1c6b79ed5a2fe7ae0ff6b31741885246be1b9c3153ca4a4e894952b1e490d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 08:42:04 GMT
server
nginx
etag
"626a535c-3534"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13620
web1_CTY-moanalua-grads-31554-300x194.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_CTY-moanalua-grads-31554-300x194.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
778752f58d9fe2db0f680e2a03285576852619e61bd5105963446362413d65c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 08:04:57 GMT
server
nginx
etag
"626a4aa9-3c65"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15461
web1_Maui-School---Tesla-Stacked-300x243.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_Maui-School---Tesla-Stacked-300x243.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
192cea5d17040b5b355a4c9a2c904e6b723d893dcd4dea182d2ffb0530c171e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 11:14:32 GMT
server
nginx
etag
"626a7718-3d5b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15707
web1_SPT-UH-BASEBALL--51-300x225.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_SPT-UH-BASEBALL--51-300x225.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
658605a82a854756212c91c1eab58a552e0dce672f602118adfa2483f89f35dd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 08:25:42 GMT
server
nginx
etag
"626a4f86-26aa"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
9898
web1_20220428-web-palama-test-300x198.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220428-web-palama-test-300x198.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
95e4656633c756c6d7b3883eb9e7c2ffdaa4ff077c0fa27a30893aadb5535948

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 00:14:27 GMT
server
nginx
etag
"626b2de3-242e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
9262
web1_web1_20220423-Waimanalo-300x225.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_web1_20220423-Waimanalo-300x225.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
98c3c4d6c6d27a0744f2cdb46e68440adee89b70eb6be5a7f0235b5764ba053b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 02:38:47 GMT
server
nginx
etag
"626b4fb7-2aa8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10920
web1_20220428-fire-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220428-fire-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b5aa93e2ff11c0eb628a748208ca8ffa2bd6f5ab57417a4bdde556b6249b97fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 03:27:26 GMT
server
nginx
etag
"626b5b1e-2d78"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11640
web1_hpd_HPD_honolulu_police_20200115-300x169.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_hpd_HPD_honolulu_police_20200115-300x169.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce2b63243da727c9f82dba8f6baa73c0114c4665179ed0c777348c0906736b50

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 02:00:05 GMT
server
nginx
etag
"626b46a5-2a6b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10859
web1_20220428_brk_kap01-300x190.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220428_brk_kap01-300x190.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
593c4cdb966c73a543a9e7ff408a359db5de6103398124601e6b3e63f96c0d2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 20:03:39 GMT
server
nginx
etag
"626af31b-3fad"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16301
web1_20220428-web-test-kit-300x189.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_20220428-web-test-kit-300x189.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bea23a31da5384114deb6f497f82cbd2558a6d713e852ce56431d9516c42ca41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 00:39:58 GMT
server
nginx
etag
"626b33de-305a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12378
web1_12482615-e4ffa576ab87494aab82a0d9a31fab7a-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12482615-e4ffa576ab87494aab82a0d9a31fab7a-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9868daa89922df83ad98b8f727e0fea3b4589ec98b361c1ed25020f592f31739

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 02:22:27 GMT
server
nginx
etag
"626b4be3-2962"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10594
web1_starbucks-breaking-300x200.jpeg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_starbucks-breaking-300x200.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
580316dd690d32cf07c2f08370edab8f8d1d36165720a370ea9aafd5fb4ff1b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Thu, 28 Apr 2022 21:40:46 GMT
server
nginx
etag
"626b09de-389c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14492
web1_12483372-9b0d8596a0254ff9a17e099ac000f8ac-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12483372-9b0d8596a0254ff9a17e099ac000f8ac-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
45d8b6d4d7493eedb686e9ddd77cb882e960d4fd91a9409ba6073ac21e1fb0e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 03:56:36 GMT
server
nginx
etag
"626b61f4-3178"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12664
web1_12482690-c7051f8e02034f33b3f8920628eab446-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/04/web1_12482690-c7051f8e02034f33b3f8920628eab446-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0dd9b4265c1eaff6f2f4a0f6a5e03d163f9a831328afb2ca882e08fd5ce74e24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Fri, 29 Apr 2022 02:31:03 GMT
server
nginx
etag
"626b4de7-2ff0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12272
loader-sa.jpg
www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/loader-sa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-6cb8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27832
videoseries
www.youtube.com/embed/ Frame 2564 		212 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f0145778138cb497a62cabf12b7c85089df6bb1e86e14f866be1f3ad9225695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 29 Apr 2022 09:35:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.25.1/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfa7a03558006522a62cff68598a23b5df942a302f5d562ea8a1757465314e40

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
age
206
x-cache
HIT
content-length
18774
via
1.1 varnish
x-served-by
cache-mxp6967-MXP
last-modified
Mon, 25 Apr 2022 19:35:02 GMT
server
AmazonS3
x-timer
S1651224909.057141,VS0,VE0
etag
"b1a6104dbbfab0c05f4ced56046c3bd9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
295
gapro.js
ssl.p.jwpcdn.com/player/v/8.25.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/gapro.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9fbeaf40d2ffc26488be92110e35c3714a07273c7bc4d79f54c22017254991a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
age
224896
x-cache
HIT
content-length
958
via
1.1 varnish
x-served-by
cache-mxp6967-MXP
last-modified
Mon, 25 Apr 2022 19:34:55 GMT
server
AmazonS3
x-timer
S1651224909.057122,VS0,VE0
etag
"35531725579fe3b0c3fb3ad5114de74b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
20245
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.25.1/ 		308 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/jwplayer.core.controls.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8abb083a257283bbd88d9996d0dc557487a4866ea05591343e48885148f7ddfb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
age
225219
x-cache
HIT
content-length
81932
via
1.1 varnish
x-served-by
cache-mxp6967-MXP
last-modified
Mon, 25 Apr 2022 19:34:50 GMT
server
AmazonS3
x-timer
S1651224909.057214,VS0,VE0
etag
"4efa6b080b4ca101f5054178fbb88e04"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
66220
025uSCQm
cdn.jwplayer.com/v2/playlists/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/025uSCQm
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d69d3dd781c3317bd5708cc89592950d6ecfec4581bf56f60d75870bfa9352cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
1596
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-id
VJWvBcj6N5Zy2we5Ifxil9BwEiMTssJwvciahab9DoqLzeLoTYp2yQ==
expires
Fri, 29 Apr 2022 09:38:08
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		167 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=staradvertiser.com&domain=staradvertiser.com&path=%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-mxp6928-MXP
access-control-allow-origin
*
x-timer
S1651224909.759421,VS0,VE110
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Wed, 27 Apr 2022 09:35:08 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4962564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUDWTXFDMfl%2FkMHu2ZH%2B%2FUFI3TQhdOfi%2BY9HtrtUWgGo%2F8sYhHLRSWheSoD3Vxj7s2b%2F6E9GZEiB3PWH1KF%2FVa%2BRoCB7fVIhpBgJfgt1rGOMjjRnGLFzsYJFdMP4QfEJncaOKMLbs7eMoSKjcwpm5okn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bbf2c31cc62-ZRH
expires
Wed, 19 Apr 2023 09:35:08 GMT
t
jadserve.postrelease.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.staradvertiser.com%2F&ntv_mvi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.231.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-231-202.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
172f0803f0a8cd8bd5146ddb0d2dab2c3a9b94a6724ab75ce550ce1a4cc51b57

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1071
expires
Mon, 1 Jan 1990 12:00:00 GMT
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23119601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqV%2FHnHQ0pLcpuQ9XnXHDU2Foy02zeqsaI0BzK2C02ySlMMRei2CX%2FqCcXwoy53yGVDSpdGrpAcdacFutbc%2F5wq3TwplOSZcm0grBrFXNbKBpCkoC652ENlpSw9WTSz7%2BZeXSRcLeU%2FG1WGkAHtNTAIt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bc01b080211-ZRH
expires
Wed, 19 Apr 2023 09:35:08 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:51:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:08 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		809 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-116.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"94c4aff69d9031d7ac28ab2f706d8ff0"
vary
Origin
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
809
x-amz-cf-id
lIbZPaOMxPYfMTaBHUuhL-NGqyYqicHrLlAWSRE6iBJv21B_mLXdDw==
auto-complete.min.js
widgets.recruitology.com/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/auto-complete.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-116.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"0731475e6a55c38b7ff6cd23c98c121f"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-id
wor-GQxusBrpePKXmbX3WyEKj0t6x8wPrc2cvmL7zzzkKhIWS1rqOQ==
fa-briefcase.png
recruitology-static.s3.amazonaws.com/static/images/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-briefcase.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
3ME6VAWHDPW7YQW3
ETag
"6b0ea0515ba755249bf5d4a22b41805e"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
835
x-amz-id-2
bqUY+wyLXjI/h8POaRsPc8txXpiVpLATUu+hjRss5my1C69ZdrINID/OG752jwGHgGZeTsVjhWM=
fa-location-arrow.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-location-arrow.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
3MEE6N44JDVAAQD3
ETag
"afb85cfd6600a866bb3ab634a12b73ca"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1152
x-amz-id-2
9/SbbQ8uRlGdDxgP4TB0x7Hokhy3qXKcrVoAI+2ivPVD3UxZizpJFM1F+9XgYyRcWlostdCsopo=
fa-search.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-search.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.147.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:53 GMT
Server
AmazonS3
x-amz-request-id
3ME02FY5ENZVDY87
ETag
"1a48a4475bcc37e8866403c27000c83d"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1212
x-amz-id-2
7gofGsXaIrd999paSjzDlx7aAFqZiI1vpdnKRTp2cnfK5bnckXBr1f1VxdMrqAbOOeBx5LlSFiY=
email-signup-bg2.gif
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/email-signup-bg2.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Sat, 12 Oct 2019 02:20:59 GMT
server
nginx
etag
"5da1388b-4158"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16728
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145349
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 08:12:52 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma15446/988352900/1/
Redirect Chain
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1593
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e51ee69dd9c30198ed79a8b728c45a6a964c1e6f57fe515afc58e295b878390

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 01:37:32 GMT
via
1.1 google
last-modified
Tue, 01 Mar 2022 04:25:58 GMT
server
nginx
age
28657
etag
"9694bea72a8364646b1ceb32b06dd951"
vary
Accept-Encoding
x-cache
HIT Tue, 08 Mar 2022 00:31:00 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42335

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma15446/988352900/1/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
4-gc-euw1-10920
chartbeat.js
static.chartbeat.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:12:31 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 00:08:30 GMT
server
nginx
age
4957
etag
W/"625f4efe-8bf5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vHDEMtR4GNyaBvROu99D2sJRcITXyMY0kNEZ65pfm-i8IOaZ4PUqjQ==
expires
Fri, 29 Apr 2022 10:12:31 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-103.fra53.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:25 GMT
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
164
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4240
x-amz-cf-id
MOT0W5ZDwLPS-ENsDKGN3QvwMPu8O3LrqzDlo9mfwNaq9GBx7HzUaw==
expires
Fri, 29 Apr 2022 10:32:25 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
c8f97f7bb6c6b29efc8b489b50e2cc611365d8ad152ee6ea7c13e8a013a27acd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:33:30 GMT
content-encoding
br
etag
W/"54417a806a5e34fb9f1b6f530c3acd59"
last-modified
Fri, 29 Apr 2022 09:33:30 UTC
server
nginx/1.20.0
age
99
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
gZAXKP7POkzPByCNMLBYtEltAA0-5USlq2whvw5U9jBPC7V28ycm9g==
x-xss-protection
0
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17695
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
7M8x2qCDvdiyA04wDhs-SbitR1qaKsKEAs-QWOg3UFtGgZMtGh5Kng==
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1944320
cf-ray
70370bc00963e8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
68hNg4bfMYAy55QacbRWA6erBl6cEr7WJxqOm17ukAeOYHU3POUc1mm6OoMPJbwe52etJpplvJI=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcNFf2JiMqXnMskr3VXTDIYWV%2BRT4WuGFuzoBZRdqC%2FRADnILT3ndphiF%2BZHjNT8wALiJhst4ruzKMFSNEloGSTaLCAvHOFT93XIle25%2BBQygPSj51oXl6XjhH%2FV%2FDuP2qELBPMEfYLPt9A2BUCuoafo"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
4M6S2J8WED7BDJ0Y
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
hqdefault.jpg
i.ytimg.com/vi/7gjrN4qoRTw/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/7gjrN4qoRTw/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
204e705175a48f8019fb8dcfde96d2479047e3aaf7f55dd89f6bb01a56e80dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32424
x-xss-protection
0
server
sffe
etag
"1651105819"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Apr 2022 09:40:09 GMT
hqdefault.jpg
i.ytimg.com/vi/MygX-lG_CPo/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/MygX-lG_CPo/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250bee9b1d22d7bc2c6edb93370866ad8834068990dee4de16a768ee40f37366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22595
x-xss-protection
0
server
sffe
etag
"1651030762"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Apr 2022 09:40:09 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
529840
cdn-cachedat
2021-04-23 07:18:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3dc67c43f5f695f65a3234d8a4ac94d0
cf-ray
70370bc06e06cc3e-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 29 Apr 2022 09:35:08 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25620099
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZZ64YVJCFT66N5R4
x-amz-id-2
uBHCTQzbqFE5aENWsxzmRCUY5pFwL1R+9FN07yIfTPXJRnC9EVLXBnDKVVwZMDMTt/9lqmA+/7k=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ao%2BA4kkHGKGjrCQzdqByQ42GHynpq0gZ4fixEhD4lRHBVJxQkY7r025QSCzolF8WWzrF91O5apxKUGjPv5uoU5xZheQBbYMKxNcy%2F%2FKUe1vvQeF0yEy0M5KI%2Fb%2FTQ2yspuc05GvEphp3noq1TZuHgde9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
70370bc019a6e8eb-MXP
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22d2dbc568d9b2b5842846a10a2f884a2612cc721ebff2864a8d710bb7151991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:54:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:08 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23119601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZMM85HpCRKi1ZTanxhKgZAIzzo0ngYyMUgeCojPJq9GEOASlaCvN3Ecf5HySfCwxpjLXsvYW3%2Fqq0N0t8ClI9Dv72o%2BziNy5UjBDiUlu%2FPTrhb0szS2IrK9nKKR49GZlT8QMAFu1GdnawniYkwtDx%2Bw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bc01d0dcc62-ZRH
expires
Wed, 19 Apr 2023 09:35:08 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:54:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:08 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
active_orders
origami.secure.ownlocal.com/api/ 		381 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=11d8bf01-4a0d-42f1-9c82-39f1b7726234
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
2ff0a7e9a40ed693b1ffbd12e6705f64adf28953141f7a0e5c7166e6aa379391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
381
x-xss-protection
1; mode=block
x-request-id
6caed8a6-486a-42c9-ad14-4bbde153edd3
x-runtime
0.038379
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Fri, 29 Apr 2022 09:28:54 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"2ff0a7e9a40ed693b1ffbd12e6705f64"
access-control-expose-headers
active_orders
origami.secure.ownlocal.com/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=c46cf15d-1622-4157-8f3f-18b9a61946de
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
58e647d2e10426c5821d1d4472bfeaec38bd711e7b472b09b5852565967d2ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2957
x-xss-protection
1; mode=block
x-request-id
c3fc22d7-b92e-466a-a875-17e596a1ec90
x-runtime
0.045264
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Fri, 29 Apr 2022 09:28:54 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"58e647d2e10426c5821d1d4472bfeaec"
access-control-expose-headers
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
config
c.amazon-adsystem.com/cdn/prod/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:28:53 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
age
18375
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GjNSYdMQB3wXpaCrV5RqpwzeLGnSv9xu_F-qcHQvc9lZNypHS203MA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
28363
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 01:42:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tYHQPgmWXaBSRL-2DY3upOYPJQKJtTMluaMomP2ugTk9XxvBTyht7g==
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
529840
cdn-cachedat
2021-04-23 07:18:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3dc67c43f5f695f65a3234d8a4ac94d0
cf-ray
70370bc06e03cc3e-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 29 Apr 2022 09:35:08 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25620099
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZZ64YVJCFT66N5R4
x-amz-id-2
uBHCTQzbqFE5aENWsxzmRCUY5pFwL1R+9FN07yIfTPXJRnC9EVLXBnDKVVwZMDMTt/9lqmA+/7k=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrvXjWpjW2T1wOqrVGE9nIszYAPSYS%2B7V78WPbqMbBne0CWlKVfswiKXeJu547c97c%2BwnFaMIQn9sMJQD7dEJ7wzNdHhILh%2Ft9uA0SqYHORFHBYq0TIEqRB071nRcTtycRYzHryIyqkO24ZbRjZdjKqp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
70370bc049ebe8eb-MXP
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22d2dbc568d9b2b5842846a10a2f884a2612cc721ebff2864a8d710bb7151991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:50:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:08 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23119601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dopT2AeqnPSmuRebqNjV232%2Fb6lgh%2BBOCScmkYiUKbAgdluh2iYvq4FELXPw5uJKt8isTOkV%2BC6y4%2B%2B8GiaWNhFVxp1WU5AlJMGZ8eL8CLXdVkopxlnuw%2FTVomlnx7Y75%2BiIarQ0v7BOkZML7xSp%2F6UI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bc04d4ecc62-ZRH
expires
Wed, 19 Apr 2023 09:35:08 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:41:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:08 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
www-player.css
www.youtube.com/s/player/9cdfefcf/ Frame 2564 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
49291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47149
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:53:37 GMT
www-embed-player.js
www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/ Frame 2564 		277 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f47d2e856e15811898277d3a1f455ab9b15d50920b1f351ada165287518bce68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
49291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87526
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:53:37 GMT
base.js
www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/ Frame 2564 		2 MB
524 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13516ba585f7bc601f104eb718303eb7d44a76bbfcaf804707b74130c1c2b008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 20:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
48811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
536539
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 20:01:37 GMT
fetch-polyfill.js
www.youtube.com/s/player/9cdfefcf/fetch-polyfill.vflset/ Frame 2564 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
49291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:53:37 GMT
pubads_impl_2022042601.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js?cb=31067331
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127613
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Apr 2023 09:06:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		444 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0d7833196894b879b5e83c479db940de5f0633ec37b73e6bc075773ecdd3d3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
expires
Fri, 29 Apr 2022 09:35:09 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Apr 2022 09:35:08 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1128
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Hgd6IHxQYjJETXY3ejFoMm52NENFQWpDb3lSajJMNnlyR0t4QnFjWUh2Q3NZNUErR25VUXgxY1dybUdJcUxJMVpqMUZPQjZocW1hTTJCUlJtSHhDS1pMcWZ2UHJWYmVxZnk4VDQrelpXZlN4THR1UEtNRnBnOUpEV0xCOG...
347 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Hgd6IHxQYjJETXY3ejFoMm52NENFQWpDb3lSajJMNnlyR0t4QnFjWUh2Q3NZNUErR25VUXgxY1dybUdJcUxJMVpqMUZPQjZocW1hTTJCUlJtSHhDS1pMcWZ2UHJWYmVxZnk4VDQrelpXZlN4THR1UEtNRnBnOUpEV0xCOGtQWDdOQW9COXZMRDJRN3BiaUloMWlFOVg2NDZKeGpSaUdNQVplMlAzT1E3MSs2OUJQOURSc1pLdmJmcWFWOHlHYUFlL1JJQktoSVBjRGNsNEh6bmdERjNJOWdGQVBFb2tnTTh4T1JKM044T3pkanhtdXkxampvYXNiMXRNWVFiU3VhQ3hYckdOfA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3e7b4f2e637df623f887ab61f1bc2762b373f8f3f27948f48719339dfdaf7ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3140
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
location
https://mug.criteo.com/sid?cpp=Hgd6IHxQYjJETXY3ejFoMm52NENFQWpDb3lSajJMNnlyR0t4QnFjWUh2Q3NZNUErR25VUXgxY1dybUdJcUxJMVpqMUZPQjZocW1hTTJCUlJtSHhDS1pMcWZ2UHJWYmVxZnk4VDQrelpXZlN4THR1UEtNRnBnOUpEV0xCOGtQWDdOQW9COXZMRDJRN3BiaUloMWlFOVg2NDZKeGpSaUdNQVplMlAzT1E3MSs2OUJQOURSc1pLdmJmcWFWOHlHYUFlL1JJQktoSVBjRGNsNEh6bmdERjNJOWdGQVBFb2tnTTh4T1JKM044T3pkanhtdXkxampvYXNiMXRNWVFiU3VhQ3hYckdOfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1502
content-length
509
expires
0
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.25.1/ 		419 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/provider.hlsjs.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8208faba31cabb7ea3da9c8ba107f434e5c133a9bbc4071e7d040573fd4ad73

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
age
225219
x-cache
HIT
content-length
118860
via
1.1 varnish
x-served-by
cache-mxp6967-MXP
last-modified
Mon, 25 Apr 2022 19:34:53 GMT
server
AmazonS3
x-timer
S1651224909.341016,VS0,VE0
etag
"ee5074a7437af7f267f3cc5a33173dc1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
58266
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
211779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:45:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2564 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
253024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 11:18:05 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:30:06 GMT
age
39902
x-guploader-uploadid
ADPycduGv-Q1OMV7WysjBJGM5lJ7Oovg_pBXoHHpvj7YP-74kRlyq0oae60-Vfu9q8HRsE1B06FcmLLan6HRbTKCwI7qKKdwtsJx
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13753
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:38:49 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1648229928975210
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Fri, 29 Apr 2022 22:30:06 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:30:06 GMT
age
39903
x-guploader-uploadid
ADPycduGv-Q1OMV7WysjBJGM5lJ7Oovg_pBXoHHpvj7YP-74kRlyq0oae60-Vfu9q8HRsE1B06FcmLLan6HRbTKCwI7qKKdwtsJx
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13753
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:38:49 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1648229928975210
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Fri, 29 Apr 2022 22:30:06 GMT
widgetinfo
p.cityspark.com/api/widgets/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9865&callback=jsonp1651225832672
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e42ac5786d36241b2bb8f9bcf603f775d1030b2f99442706222f6b57e83a654f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F&u=XrAkXB0EUmPCpMBPW&d=staradvertiser.com&g=48334&g0=Homepage&g1=Associated%20Press&n=1&f=00001&c=0&x=0&m=0&y=11086&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2394&t=bPnfguGISkCRhFKtBYSDFQB_odkh&V=132&i=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tz=0&_acct=anon&sn=1&sv=B1Je4NCr23srBJryUpt00evvZ5oz&sd=1&im=067b2fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.107.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-107-56.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/alerts/net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analyticssystems.net/api/v2/alerts/net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6UWnlyucsGueGU2LRg5AiOetVlu%2BR6nQ%2Bgna7DI1aoxGIIXU4MHvy4iY6rF%2FpEL0DDouTymUXJ7mxLi9HV9Wl%2F8qvlTyGhJXw90N9Oo5ZnoGVZTUdjR%2BktyjBgF1ENYofxIlMsOCMMfO0AHmsMnyAqnJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bc38ffa0f6e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUToPULn-pmzMCHBhR
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1006023325&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1036698177&gjid=1322282129&cid=1497013893.1651224909&tid=UA-16272709-1&_gid=739477006.1651224909&_r=1&_slc=1&z=1229697056
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame DC06 		46 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:10:42 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
41067
x-guploader-uploadid
ADPycdsOSxOLWJy1pHTyU7HuJlDBKKwI2Ay_obOLeGhWjkOJpRd9r1kQcqfwDSOWOWFQmvLZetVqAdyh3ZjbXb3TAwfheAaQwj-z
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46760
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"020de548baebf815e420fecd7cf5b327"
x-goog-hash
crc32c=+pua+A==, md5=Ag3lSLrr+BXkIP7NfPWzJw==
x-goog-generation
1648230637718667
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
46760
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Fri, 29 Apr 2022 22:10:42 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame DC06 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25981373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWTeBNy85p01yiJ589P6ToMkmTKREaQ85IiOAjXXBXTgfbegZgbZv65Tpl7byGGlPzzQPHmFxDrSBATuUrWYP8%2B5a4c3%2Fom%2Fxto1T3h4c%2FLE53qtauY0%2BXi6p251PBar0xdr%2BB0nnd0SI2jKIb3vUQLA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bc328d1cc62-ZRH
expires
Wed, 19 Apr 2023 09:35:09 GMT
sp.js
snowplow.ownlocal.com/ Frame DC06 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
age
0
x-guploader-uploadid
ADPycdv4Vl6gJQHlFcd76anM0bufYjMioWxQCT6nUj2rbSfS_3l9ddVfY6GF04BrI2asFwkszw_PxH4xXRNanNn_4YUCMhwE-Sll
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Fri, 29 Apr 2022 10:35:09 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame DC06 		222 B
164 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 21:12:13 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-mxp6923, PASS, fastly;desc="Edge time";dur=13
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame DC06 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
189303
fly-request-id
01F48TVJD3GRMNM4Z4TNWN5D10
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70370bc3c9d1233d-ZRH
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame DC06 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
195349
fly-request-id
01F48MZ22BHHY31F4YZ9VQ3AH9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70370bc3c9d2233d-ZRH
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame EA9E 		46 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:10:42 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
41067
x-guploader-uploadid
ADPycdsOSxOLWJy1pHTyU7HuJlDBKKwI2Ay_obOLeGhWjkOJpRd9r1kQcqfwDSOWOWFQmvLZetVqAdyh3ZjbXb3TAwfheAaQwj-z
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46760
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"020de548baebf815e420fecd7cf5b327"
x-goog-hash
crc32c=+pua+A==, md5=Ag3lSLrr+BXkIP7NfPWzJw==
x-goog-generation
1648230637718667
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
46760
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Fri, 29 Apr 2022 22:10:42 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame EA9E 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25981373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTXfiKE8%2BwVqVj74DjERS9%2FRIOSypndhqjnwB5K7VDMg49y4fznItCdQnYB3Epl%2FGyB8LonZxxE2Uo1BWhNa9NSfgDNYx0V40gNzSXOUQlyvFKopRsglu7N3qmAIVke5xc3bh5hzuoToBUL5L4ybD%2FYJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bc348f1cc62-ZRH
expires
Wed, 19 Apr 2023 09:35:09 GMT
sp.js
snowplow.ownlocal.com/ Frame EA9E 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
age
0
x-guploader-uploadid
ADPycdv4Vl6gJQHlFcd76anM0bufYjMioWxQCT6nUj2rbSfS_3l9ddVfY6GF04BrI2asFwkszw_PxH4xXRNanNn_4YUCMhwE-Sll
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Fri, 29 Apr 2022 10:35:09 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame EA9E 		222 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 21:12:13 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-mxp6923, PASS, fastly;desc="Edge time";dur=13
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame EA9E 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
189303
fly-request-id
01F48TVJD3GRMNM4Z4TNWN5D10
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70370bc3c9d4233d-ZRH
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame EA9E 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
195349
fly-request-id
01F48MZ22BHHY31F4YZ9VQ3AH9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70370bc3c9d5233d-ZRH
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&ns__t=1651224909302&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1651224909302&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1651224909302&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
CEUzUiNjBKG9rPIeLC5JqKLFP6DpWBf0m8J2gH_-OY_djckf0FZJ9w==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035032&ns__t=1651224909302&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
EBI_qvNU6PVt3r7KGkWcC1gJ_dp_GmsPdFOF0AfuwRLcTMrl9ofomQ==
x-cache
Miss from cloudfront
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		134 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e2b9fc79630f4a0887f5bb50562844cef96bd421455a15f15bd40dacc967b75

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
c0qlFBbhXKpZGMBahavcGkHzI4brbVVO
content-encoding
br
last-modified
Thu, 28 Apr 2022 19:13:36 GMT
server
AmazonS3
age
16
etag
W/"00b9f81afffaa3af0d6f644d2a9e8a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 29 Apr 2022 09:35:09 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
VD5KxQifzdpNxfhjazoaqzpWNrr9eFWU9DdLM3UmcRvwnAGDvewItw==
/
geoip.instiengage.com/json/ 		240 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
9e85dc0f7699e0a1ff54678b058435f14f7b041dfbc0001e44c1accca0b7efc1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:09 GMT
access-control-allow-credentials
true
x-database-date
Fri, 29 Apr 2022 02:43:04 GMT
content-length
240
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame BAF0 		73 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
172
content-length
73
content-type
text/html
date
Fri, 29 Apr 2022 09:32:18 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-id
9WLJvWQrx-gOnolRaP17Y8QFvd3MpsMRZfim5alXLzSrMN2CeGm0Qw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1651224909340&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=206&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=601f7d8a-aea0-4ccb-935a-e6f48ca9dfeb&dtm=1651224909337&vp=1600x1200&ds=1600x11086&vid=1&sid=c56ec52a-8888-4cb1-bf6d-ef01d83892b0&duid=82b20e16-d152-4e88-8670-ae59cd5cdf9e&fp=3875861507&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjE0OTcwMTM4OTMuMTY1MTIyNDkwOSJ9fV19
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.84.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-84-193.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
309252323293891
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/309252323293891?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8d4ea27103273c66b7aa702e4c34c0f877972f0323ef2c63c73cf29e8512b84
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89191
x-xss-protection
0
pragma
public
x-fb-debug
PDQ91Ikz6QdFoiIMMYtmSgQASoifUgHCsRHMMvB+nN97vNXBIDZw9vVigFkbh+2VIFq5dgTxtHr2BI82bxbOmA==
x-frame-options
DENY
date
Fri, 29 Apr 2022 09:35:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Hgd6IHxQYjJETXY3ejFoMm52NENFQWpDb3lSajJMNnlyR0t4QnFjWUh2Q3NZNUErR25VUXgxY1dybUdJcUxJMVpqMUZPQjZocW1hTTJCUlJtSHhDS1pMcWZ2UHJWYmVxZnk4VDQrelpXZlN4THR1UEtNRnBnOUpEV0xCOGtQWDdOQW9COXZMRDJRN3BiaUloMWlFOVg2NDZKeGpSaUdNQVplMlAzT1E3MSs2OUJQOURSc1pLdmJmcWFWOHlHYUFlL1JJQktoSVBjRGNsNEh6bmdERjNJOWdGQVBFb2tnTTh4T1JKM044T3pkanhtdXkxampvYXNiMXRNWVFiU3VhQ3hYckdOfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Apr 2022 09:35:08 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1033
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
id
googleads.g.doubleclick.net/pagead/ Frame 2564
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ae36e513683654941c99ddc945bfb6749ed30d3332bdc7673edc099815ed389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2564 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:29:42 GMT
x-content-type-options
nosniff
age
327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Apr 2022 09:44:42 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame EA9E
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370296
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUaIs6PNGaV7vkaPBagvHXkSd1MPV%2BfBsAczXPkHjGlEQYyDWOhM%2BBUa7udOynBj5DSiOzjiEZWc0lak3m4voeiWXJujjS1QOnVDJiiS8jbY3ZymHJLZoJdVjhKTN5ZJGZLDhqBtzWeXsE6VgmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
70370bc78991cc56-ZRH

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370295
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTrZGVp%2Bwju0BxUBK6mjnN9SQHhMx5BWzs06pZEYaD%2B1yqyw1Xh8XGAyjHHEY3ikLHITCZ7dlNKbR%2B4VOcw1euiAHKE9Mnnj50pck3QrbuTLij4S50hp0NQnxvHvCzevtCRwdy%2FLgY0IYnTa%2Fas%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
70370bc64850cc56-ZRH
inter.css
rsms.me/inter/ Frame EA9E 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fastly-request-id
13c6e316216bd24047f7722a3123924bab36a996
date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-mxp6977-MXP
last-modified
Fri, 22 Apr 2022 23:31:22 GMT
server
cloudflare
x-github-request-id
E700:EB6D:13D082B:1473578:62633BD4
x-timer
S1650670549.006022,VS0,VE49
etag
W/"62633aca-1966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvqXjVuJ7XGJk8OmaEEGnLvswZMgYdBR7n%2B2fjdPUN1SFzkbPj2t0MqmAo9zoDeqOpaIYSR5cMERVuvHGFTj3Ii98nAi%2BHgIiDq1sgwVONa%2BjKYHFvwsF18am4ckCvqpcRe2PK%2BX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-proxy-cache
HIT
cf-ray
70370bc548cc0e12-MXP
x-origin-cache
HIT
expires
Thu, 28 Apr 2022 00:37:41 GMT
css2
fonts.googleapis.com/ Frame EA9E 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33edcc8df004f4ddd374961d453e0bd40a66f741500ffb2a6f0574a8a116cb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 09:35:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:09 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame DC06
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370296
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lar8%2FGbU7EW65J%2BWYyhqD7oiii1IGxlucKWSj8TdYT7C%2BuLAlWmui%2FsLXzymWWkrN1GUY%2FRPNB0q%2BP0f1MwNYq6Z2W%2F7JSHlu0P%2B7z9GMsRJt6xbLKsSAPItU%2F3gBCf3JVRbIf6arS5g0qvb4qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
70370bc7898fcc56-ZRH

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370295
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFB3gpenZ0SFdOAYWLxp%2BYfw0ulYcEm1b1fuTwZcFQmp54tN6SJFcef9oAmCyiHro%2FaWkQW9Bun4abb%2F6KCj4Yr9h8ogA3LtqQmaje0EGo%2Bmmp6XKagYDzbDToWJTs2JBo%2Br65gCRrnCGM8ERSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
70370bc6484ecc56-ZRH
inter.css
rsms.me/inter/ Frame DC06 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fastly-request-id
13c6e316216bd24047f7722a3123924bab36a996
date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-mxp6977-MXP
last-modified
Fri, 22 Apr 2022 23:31:22 GMT
server
cloudflare
x-github-request-id
E700:EB6D:13D082B:1473578:62633BD4
x-timer
S1650670549.006022,VS0,VE49
etag
W/"62633aca-1966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmAJjf7vZEowDlIx%2F64zFdzamSBYS1i2Va37tpKCJJg1zMHeV8nWMJuvv3LSByim0v28jAdU9XPYUw747tFjm3BnR2pIIgQm9HGIfc1xjLgkzF3%2FOhJ%2Bq88g%2FzhPcLT1rznp%2B4ZY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-proxy-cache
HIT
cf-ray
70370bc548d50e12-MXP
x-origin-cache
HIT
expires
Thu, 28 Apr 2022 00:37:41 GMT
css2
fonts.googleapis.com/ Frame DC06 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33edcc8df004f4ddd374961d453e0bd40a66f741500ffb2a6f0574a8a116cb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 09:35:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:09 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16272709-1&cid=1497013893.1651224909&jid=1036698177&gjid=1322282129&_gid=739477006.1651224909&_u=IEBAAEAAAAAAAC~&z=113930988
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 29 Apr 2022 09:35:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 29 Apr 2022 09:35:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2564 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ad5b628c419fe0b443f7c4d0f11f75ef466fe1c735e0750f55f4aea00fc7672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22383
x-xss-protection
0
remote.js
www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/ Frame 2564 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e76c10cb2c16a8f3fac800e6a3b21fac4f72758fe2d046c2cdbdaa80ea45d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 20:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
48672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37527
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 20:03:57 GMT
bsxlwkbwDf-QkeCdULllkJy6Y9g6z-umSfyQgVCzbpY.js
www.google.com/js/th/ Frame 2564 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/bsxlwkbwDf-QkeCdULllkJy6Y9g6z-umSfyQgVCzbpY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ecc65c246f00dff9091e09d50b965909cba63d83acfeba649fc908150b36e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
174564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13686
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 09:05:45 GMT
embed.js
www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/ Frame 2564 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27887b6fdbd2e12fdcee92146545aa700ee894976e0c0744b6c81d73a6010403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 20:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8054
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 20:01:38 GMT
truncated
/ Frame 2564 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSxErALqBCtFurtafnvvpJtsw16ZDgzVPfmASEwLw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2564 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSxErALqBCtFurtafnvvpJtsw16ZDgzVPfmASEwLw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 06:13:34 GMT
x-content-type-options
nosniff
age
12095
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5310
x-xss-protection
0
server
fife
etag
"v2f6f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 16 Nov 2021 21:21:18 GMT
default.jpg
i.ytimg.com/vi/6sgUY0PP_-4/ Frame 2564 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/6sgUY0PP_-4/default.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b16e2f3e5e3d8abe5f9d6bcf0a53e8e38e5ca4aa03ca49a4d96ac70736d77501
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3811
x-xss-protection
0
server
sffe
etag
"1651107618"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Apr 2022 09:40:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame E9C2 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d42cbc352a3906c4eee395b221e3ce3ac02a74add34fe2d49ffe73937e9e7da6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TfKnOuxgt5+BY2AyY5Ngqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21794
content-security-policy
script-src 'report-sample' 'nonce-TfKnOuxgt5+BY2AyY5Ngqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 17:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Apr 2022 17:53:11 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
last-modified
Sun, 10 Apr 2022 10:23:26 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 29 May 2022 09:35:09 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4705386&ntv_pl=1102376
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.231.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-231-202.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1102376&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.231.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-231-202.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
geo.privacymanager.io/ 		31 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-54.fra50.r.cloudfront.net
Software
/
Resource Hash
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 03:22:47 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age
22342
x-amzn-requestid
6651726e-cb0c-4ebd-afce-2e2626a720e1
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-626b5a07-728fce9968cfcf2c23b97e5c;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA50-C1
x-amz-apigw-id
RUsBMED2joEFZZQ=
content-length
31
x-amz-cf-id
UcwtF7HYpk-UXPRVCDvqcXFRH-R3sKcmdEZcJ-sNf3V0fa2IXw8fjA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
bundle.js
auth.instiengage.com/auth/ Frame BAF0 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
292
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
date
Fri, 29 Apr 2022 09:30:19 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
LrNqWIGsrngNeO6jx2O_sRLp5385aNaXQelpZOWEsPhODGm4LYT3aw==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16272709-1&cid=1497013893.1651224909&jid=1036698177&_u=IEBAAEAAAAAAAC~&z=2077512551
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16272709-1&cid=1497013893.1651224909&jid=1036698177&_u=IEBAAEAAAAAAAC~&z=2077512551
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bbSa3LzB.png
assets-jpcust.jwpsrv.com/watermarks/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/watermarks/bbSa3LzB.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
age
390
x-cache
HIT, HIT
content-length
4826
x-served-by
cache-iad-kiad7000144-IAD, cache-mxp6967-MXP
access-control-allow-origin
*
last-modified
Mon, 19 Feb 2018 23:04:18 GMT
server
nginx
x-timer
S1651224910.785360,VS0,VE94
etag
"ebbad5ad378aa3799d2487401ff2298a"
vary
Accept-Encoding
content-type
image/png
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1
UPf3oGCX-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/UPf3oGCX-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/UPf3oGCX-120.vtt
918 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/UPf3oGCX-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a83fb7f2e36f29f1256aeb8b2f1cb116cfcef216c3b6db1b91d9d408d58c7b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
age
109
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
205
x-served-by
cache-iad-kiad7000129-IAD, cache-mxp6951-MXP
access-control-allow-origin
*
last-modified
Mon, 05 Apr 2021 21:30:19 GMT
server
nginx
x-timer
S1651224910.136234,VS0,VE91
etag
"d107366066abddcf4ad9907e441f4e22"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/strips/UPf3oGCX-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
ZlAjKPclQnvfeFE0HqIl0Uj7zoE3_W2D2qeRrn-YxdMiaXw8nAwvmw==
related.js
ssl.p.jwpcdn.com/player/v/8.25.1/ 		107 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/related.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6238da885f072c856560cc65bda22f94818c95e1af3c87190a97a3dcd9b172e7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
content-encoding
gzip
age
225218
x-cache
HIT
content-length
25213
via
1.1 varnish
x-served-by
cache-mxp6967-MXP
last-modified
Mon, 25 Apr 2022 19:34:56 GMT
server
AmazonS3
x-timer
S1651224910.814359,VS0,VE0
etag
"d2d4221270da2d411a70dcb1601f7a84"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
46100
xmgyjcop-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/UPf3oGCX/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-720.jpg
59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
447aa5491d25b1f0f9f9650db2d64945862c26b6c4c159a6b2e700f22b0daced

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
age
382
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
60044
x-served-by
cache-iad-kcgs7200129-IAD, cache-mxp6967-MXP
access-control-allow-origin
*
last-modified
Mon, 05 Apr 2021 21:31:47 GMT
server
nginx
x-timer
S1651224910.089857,VS0,VE94
etag
"72f63b741d82854bf12f40ffe95382e2"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ODRzPYQQEPmSag2vtG9mxzBjEpWbn5W51mPu_9EC2tiGmVVFkwEVtQ==
7r3esz8x-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/5fywZp8i/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/7r3esz8x-720.jpg
47 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/7r3esz8x-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95670370248fcfd8c4bbc67469514063441b1b6ed3bea5f4a2a206b3ab8bcba7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
age
0
x-cache
HIT, HIT
content-length
39512
x-served-by
cache-iad-kjyo7100128-IAD, cache-mxp6967-MXP
access-control-allow-origin
*
last-modified
Tue, 30 Jul 2019 19:40:45 GMT
server
nginx
x-timer
S1651224910.089882,VS0,VE110
etag
"368bb86685e103a5826fdd21f9cdd2a4"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/7r3esz8x-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Ed6BNaDgp5gn1NpQ2-E_PzLKR2j7kCMWXAtz8Q5Q4HNukvWp3d-62w==
5fywZp8i-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/5fywZp8i-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/5fywZp8i-120.vtt
427 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/5fywZp8i-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2b95ac77ee56db4bfd75427a57a4458a8a191b4292702f34e29a0cc2d5c0751

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
age
0
x-cache
HIT, MISS
content-length
145
x-served-by
cache-iad-kcgs7200113-IAD, cache-mxp6951-MXP
access-control-allow-origin
*
last-modified
Tue, 30 Jul 2019 19:39:55 GMT
server
nginx
x-timer
S1651224910.136215,VS0,VE97
etag
"c1bb69609e659cbcb1c2feb96bcb69fd"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/strips/5fywZp8i-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
lpHfPXsbt56_jqdp2ShifyMqoZcgDEYFd5iYvouCqrZRE36Uy7sAFw==
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame EA9E 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:55:58 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
49151
x-guploader-uploadid
ADPycdu611Yh1Gp_ZMF_oSznQNJA_WigRa2chgZmCTebHDcvKfQ9QpXdOVRJ0LU2ITLZSQmDnMn0j_7BJdVIVjh_RQrEyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1648230637791346
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Fri, 29 Apr 2022 19:55:58 GMT
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame DC06 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:55:58 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
49151
x-guploader-uploadid
ADPycdu611Yh1Gp_ZMF_oSznQNJA_WigRa2chgZmCTebHDcvKfQ9QpXdOVRJ0LU2ITLZSQmDnMn0j_7BJdVIVjh_RQrEyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1648230637791346
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Fri, 29 Apr 2022 19:55:58 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=1&tid=e96dfa2b-3970-468c-a9d0-9c5ad99111b6&pid=8fd0fbc1-1a77-44bc-aaec-1d3a26ad1992&dtm=1651224909830&qnm=_matherq&visible=1&tabid=7b00ed31-c284-4bec-9c9d-146474b56011&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vp=1600x1200&ds=1600x11086&tofa=1651224910&vid=1&lvidt=1651224910&duid=5798030f4b74c6ae&fp=1351496004&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY1MTIyNDkwNjc0MyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMi43bWIiLCJmc3RQYWludCI6IjE2NzgiLCJmZXRjaFMiOiI1MDYiLCJkb21haW5TIjoiNTA3IiwiZG9tYWluRSI6IjUwNyIsImNvbm5TIjoiNTA3IiwiY29ubkUiOiI4NzUiLCJzc2xTIjoiNjI5IiwicmVxdVMiOiI4NzUiLCJyZXNwUyI6IjEwNDUiLCJyZXNwRSI6IjEyMTciLCJkb21Mb2FkIjoiMTA0OSIsImRvbUludGVyIjoiMjA0MCIsImRvbUxvYWRTIjoiMjA0MCIsImRvbUxvYWRFIjoiMjA1NyJ9LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjE0OTcwMTM4OTMiLCJyZWZUaW1lIjoiMTY1MTIyNDkwOTgyOSJ9XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.36.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-36-29.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1651224909849&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22456843294878480%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222346298978947266%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1651224909848.1530828426&it=1651224909348&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 29 Apr 2022 09:35:09 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=ViewContent&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1651224909851&cd[content_type]=Homepage&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651224909848.1530828426&it=1651224909348&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 29 Apr 2022 09:35:09 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=2JtQ4FqC468oy&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1443757323385-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1449255182659-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-18%22%2C%22s%22%3A%5B%22982x30%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_x15_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-33%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Top_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-79%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Bottom_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-45%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-46%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-47%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner3_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1483134122312-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Sponsor-MostRead_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-51%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-65%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444788445358-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box3_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1482886799060-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1521079920643-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top-2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444965704525-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuBox%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1445920181141-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuTile%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1465867295375-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-events_TGIF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1564775939722-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22529da81b-1d4a-4437-b550-67d18ebf2af0%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Footer_Homepage%22%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:09 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
9XWA5SANX7BDCW55EZY1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
imPGOZqO6JPURRLqFcN6_hLymawwNamPyGk70n_qLnKzsN5-9V355g==
translator
hbopenbid.pubmatic.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
be96ed494aea5719c48d3ff6f4b1035e8d409be5fc3cadf62f6f31291112773b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
styles__ltr.css
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame E9C2 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 07:09:45 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame E9C2 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145349
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 08:12:52 GMT
/
geoip.insticator.com/json/ 		240 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
9e85dc0f7699e0a1ff54678b058435f14f7b041dfbc0001e44c1accca0b7efc1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:10 GMT
access-control-allow-credentials
true
x-database-date
Fri, 29 Apr 2022 02:43:04 GMT
content-length
240
vary
Origin
content-type
application/json
529da81b-1d4a-4437-b550-67d18ebf2af0
h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/529da81b-1d4a-4437-b550-67d18ebf2af0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.237.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-237-243.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:10 GMT
x-amzn-requestid
9d2045be-a7e0-4b39-b0d1-a60241f7b9f0
x-amz-apigw-id
RVikQE8poAMF9ag=
x-amzn-trace-id
Root=1-626bb14e-1909391156a70edd592fd648;Sampled=0
content-length
2
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		334 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf8023810adc288c1dae107fc94548921a8039516477360bbc5093861f75290f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
Umjdkh_UzTQC5k_MBoD.eVF6TW9QP8FE
content-encoding
br
last-modified
Wed, 27 Apr 2022 16:52:59 GMT
server
AmazonS3
age
59674
etag
W/"0b9951514e942738af6dd5c85ef87602"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
date
Thu, 28 Apr 2022 17:00:37 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZYBp8YIPV8QrS7FzqAcJAIJ7tEnbvRxZTtHnQWJRCKphOi0WjJ5_WA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=95250
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sat, 30 Apr 2022 12:02:40 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e030f694f0db805c9991886ad55ad45628b1e63c573d7a74215af6fc8a43c9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Content-Encoding
gzip
Age
493
X-Cache
HIT
Connection
keep-alive
Content-Length
17804
x-amz-id-2
ngsPa5H5jyyMDpQg3Z3a04tcOH+4d2WJerU9nAnjClTb+VWmk+zRpsg/rUiaT4TTjtElsyzjkYs=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Fri, 29 Apr 2022 07:53:39 GMT
Server
AmazonS3
X-Timer
S1651224910.083009,VS0,VE0
ETag
"4b051371f87eb37f9e8389542cb05806"
x-amz-request-id
KY9CDK6SRE2G0F0T
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
25
spc_fi.php
cdn.firstimpression.io/delivery/ 		45 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7470&url=%2F&charset=UTF-8&ch=9&ref=www.staradvertiser.com&viewerId=null&referer=&_firid=62826868
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
4b5a95853d6f93f6e7462e50f716c214e94133e4766ec97ff2aeeddee6c48f99

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.staradvertiser.com
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
BgyT7lUbQqr-9o5sr5LiqCkg75LOsn8Yhgr3q1f9KR1ZKfjO0fe9iA==
expires
0
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:10 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 29 Apr 2022 09:35:10 GMT
vary
Origin
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame EA9E 		116 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
338be05f56a3a16bc3d0f3027460cbcccbe587b4d054a2c78fe080d3c8c13a58

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 20:08:50 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
48380
x-guploader-uploadid
ADPycdsSyLDu0YabgjDJ_1DURdALCx2sGix1FCn6epnIJQgQPNxxoR9E9XZTKVM7XCYXy23JwFgmLQYndxEe8RtEVo64TpWj_T69
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118480
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"caef850285c58d867c3e7b36f32212ba"
x-goog-hash
crc32c=6mULIw==, md5=yu+FAoXFjYZ8Pns28yISug==
x-goog-generation
1648230637786413
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
118480
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Fri, 29 Apr 2022 20:08:50 GMT
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame DC06 		116 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
338be05f56a3a16bc3d0f3027460cbcccbe587b4d054a2c78fe080d3c8c13a58

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 20:08:50 GMT
x-goog-meta-goog-reserved-file-mtime
1648229840
age
48380
x-guploader-uploadid
ADPycdsSyLDu0YabgjDJ_1DURdALCx2sGix1FCn6epnIJQgQPNxxoR9E9XZTKVM7XCYXy23JwFgmLQYndxEe8RtEVo64TpWj_T69
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118480
accept-ranges
bytes
last-modified
Fri, 25 Mar 2022 17:50:37 GMT
server
UploadServer
etag
"caef850285c58d867c3e7b36f32212ba"
x-goog-hash
crc32c=6mULIw==, md5=yu+FAoXFjYZ8Pns28yISug==
x-goog-generation
1648230637786413
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
118480
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Fri, 29 Apr 2022 20:08:50 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 34A2 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:25:19 GMT
content-encoding
gzip
age
590
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
095K6T3NB79CGQG4Z6RK
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
J3SlQbf76koYlX5sLxCnQ0t1syLRLMjo7VB5Ff3gY2mET-GRfTZEtQ==
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Fri, 29 Apr 2022 09:35:10 GMT
vary
Origin
token
eua.instiengage.com/v1/auth/ Frame BAF0 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
5f6f3a3019b30effcca11605b80a93e7c77b469b63cba1021e894e202df8d83a

Request headers

Referer
https://auth.instiengage.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Fri, 29 Apr 2022 09:35:10 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2564 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:10 GMT
generate_204
www.youtube.com/ Frame 2564 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?d2yPXg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-127.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 02:14:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
26433
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
SYZTf3_CKOjQ58yVv9HdmLbleSZXFx_mKM4rT8YWYmu4EJYxwqF5JQ==
/
tag.escalated.io/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.staradvertiser.com&type=display&cust=7470&sid=direct&c=&cust2=direct
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4f221b892ae436d646292613b7f020842ef753099d5d07dbfb535936f4d8096d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store
Connection
close
Content-Length
4887
X-XSS-Protection
1; mode=block
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
897
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8a2gqAvE4Avz3_Xl_UN8n7VoMRvsoMT5pwUgfeozfciMd0zIL6wlxA==
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
expires
Fri, 29 Apr 2022 10:20:13 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
725
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qlATxe%2Bx3IpfFUC3iSujtLU%2BBIbA1Ug6g7cKkE3i38cY6DZxOy1H0mE02cXj%2BTjsMICUqPFQP7RiZxZOJXdzGZgAG8yaEiURwzreabU7tIBd04J9lcYvaSTssLLoK2lrSVIfqsou%2BBF16gwwwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70370bc9ae412325-ZRH
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:25:19 GMT
content-encoding
gzip
age
590
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
095K6T3NB79CGQG4Z6RK
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lNMnF5RJilo354qmPhNWlGqbog_97p2jzW8PDBQtlKv_EJsP7FJ9Ug==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/ 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Content-Encoding
gzip
Age
449
X-Cache
HIT
Connection
keep-alive
Content-Length
62095
x-amz-id-2
Q1FwX3P+hehSVQ9dDk70PkvYp+yVV0IYn7DIpcgPYlb2DVZzOliMPX/ECV+/ARXMlyTJH8JkWdg=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Tue, 26 Apr 2022 13:52:54 GMT
Server
AmazonS3
X-Timer
S1651224910.311353,VS0,VE0
ETag
"50304451ea6cf0b5d1ffef391681a6b2"
x-amz-request-id
4XG7YQKXX066V7P6
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
457
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E9C2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:40:09 GMT
x-content-type-options
nosniff
age
50101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 05 May 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9C2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
253025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9C2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
age
225322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 18:59:48 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=164214603234511&correlator=3378517565796265&eid=31067331&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Native_HomePage%2CSA_Native4-frame_HomePage%2CSA_Native4_HomePage-1%2CSA_Native4_HomePage-2%2CSA_Native4_HomePage-3%2CSA_Native4_HomePage-4%2CSA-FootballFever_300x300-1%2CSA-FootballFever_300x300-2%2CSA-FootballFever_300x300-3%2CSA-FootballFever_300x300-4%2CSA_INT_HomePage%2CSA_INT_Gateway-Sponsor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=209233742%2C1265839655%2C3828629500%2C2441712459%2C352046981%2C1925805504%2C1601519305%2C122768717%2C2150871482%2C243705689%2C75063581%2C1052146423&didk=3696184069~595016503~831586661~831586662~831586663~831586656~2616672821~2616672818~2616672819~2616672816~2673544695~3135847618&sfv=1-0-38&ecs=20220429&ists=4095&fsapi=false&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1651224910416&lmt=1651224910&dlt=1651224907792&idt=2072&biw=1600&bih=1200&adxs=140%2C140%2C140%2C393%2C646%2C899%2C-9%2C-9%2C-9%2C-9%2C0%2C0&adys=2450%2C2450%2C2450%2C2450%2C2450%2C2450%2C-9%2C-9%2C-9%2C-9%2C0%2C40&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1012x4238%7C1012x4238%7C1011x1%7C1011x1%7C1011x1%7C1011x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x11085&msz=981x0%7C981x0%7C252x1%7C252x1%7C252x1%7C252x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C2%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1497013893.1651224909&ga_sid=1651224910&ga_hid=1006023325&ga_fc=true&btvi=1%7C2%7C3%7C4%7C5%7C6%7C-1%7C-1%7C-1%7C-1%7C0%7C0&topics=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0b112f1a68c0e27c4d7b3de210c64f22346f89d75c942431f29dd67ac2a7ccbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
363
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		642 KB
107 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=164214603234511&correlator=946598474294584&eid=31067331&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Tile1_HomePage%2CSA_Tile2_HomePage%2CSA_x15_HomePage%2CSA_Top_HomePage%2CSA_Bottom_HomePage%2CSA_Banner1_HomePage%2CSA_Banner2_HomePage%2CSA_Banner3_HomePage%2CSA_Sponsor-MostRead_HomePage%2CSA_Box1_HomePage%2CSA_Box2_HomePage%2CSA_Box3_HomePage%2CSA_Box-Top_HomePage%2CSA_Box-Top-2_HomePage%2CSA_MenuBox%2CSA_MenuTile%2CSA_Box-events_TGIF%2CSA_Footer_Homepage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=300x100%2C300x100%2C982x30%2C728x90%7C970x90%7C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C300x100%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x100%2C300x250%2C1x1&ifi=13&adks=323572193%2C415600777%2C1023568893%2C776454535%2C1314924799%2C627532990%2C4244480135%2C3396773607%2C4116631529%2C1735864866%2C4170063637%2C3518020607%2C713581990%2C2869934086%2C3123340506%2C1463211416%2C3217711606%2C1069172642&didk=2061533101~1681246194~3506187550~3506187346~3506187729~3506187317~3506187318~3506187319~2117746389~3506187410~3506187383~3666337357~1042756366~2208701322~677057241~724029500~1345779972~4022704251&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D970x250%26hb_pb_pubmatic%3D0.00%26hb_adid_pubmatic%3D2078b29eb2a2a5%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D2078b29eb2a2a5%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.00%26hb_adid_pubmatic%3D21d26b9cb32f5d5%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D21d26b9cb32f5d5%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1651224910428&lmt=1651224910&dlt=1651224907792&idt=2072&biw=1600&bih=1200&adxs=1159%2C140%2C309%2C436%2C436%2C436%2C263%2C263%2C1161%2C1161%2C1161%2C1161%2C1161%2C1161%2C-975%2C-975%2C-9%2C-9&adys=102%2C102%2C59%2C295%2C10573%2C1780%2C3822%2C7329%2C704%2C2958%2C4010%2C7778%2C362%2C1158%2C2378%2C93%2C-9%2C-9&ucis=d%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct%7Cu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=337x100%7C337x100%7C1600x11085%7C1350x64%7C1350x72%7C1350x24%7C1011x24%7C1011x24%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C350x-1%7C350x-1%7C0x-1%7C0x-1&msz=300x-1%7C300x-1%7C1600x24%7C1318x24%7C1318x24%7C1320x24%7C971x24%7C971x24%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x-1%7C300x-1%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C516%2C516%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C350%2C350%2C0%2C0&ga_vid=1497013893.1651224909&ga_sid=1651224910&ga_hid=1006023325&ga_fc=true&btvi=0%7C0%7C0%7C0%7C7%7C8%7C9%7C10%7C0%7C11%7C12%7C13%7C0%7C0%7C14%7C0%7C-1%7C-1&topics=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d631613979ffee11c042584426b0fc55027bea3c52c8a356ec6d0d0d0ce68861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109733
x-xss-protection
0
google-lineitem-id
-1,-1,-2,5999662712,5334153289,-1,-1,-1,-1,4901051034,5997644865,4837391996,5987944745,-1,-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,138390318997,138307053035,-1,-1,-1,-1,138258016293,138389885289,138307415909,138388633838,-1,-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 281D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js?cb=31067331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 8BF1 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:24:58 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
612
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
I_IuX0IVTxerGWcXIAsnqEYcDFayp7ugJgil_JnZDFKz8DQSz5nsow==
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
expires
Fri, 29 Apr 2022 10:24:58 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
514804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FWVIPmL6PjSZlBxh4n5%2FpC%2FVPvNA0%2B0CF7WtNuCYbMmrypqDt2iKFmYW0wGyCqoyyMK3%2FT0%2Fn2U9dJtBHWUujxLzCTVjifqLwsTTALw3DH9xQf7R1ifFtYBUQSr%2BuJ15Bcfu9KqguAVCGCANoaXvJH%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70370bcaaba20211-ZRH
expires
Wed, 19 Apr 2023 09:35:10 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4679
date
Fri, 29 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 29 Apr 2022 10:17:11 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204961e2"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61870
latest.json
origami.secure.ownlocal.com/origami_configs/c0aa0b61-81f1-4fd2-b368-d1a0f47f3a53/ Frame EA9E 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/c0aa0b61-81f1-4fd2-b368-d1a0f47f3a53/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb06d422519cd6190695a775b156cc4fa54bcd4455657717d4f3a2575bb4b732

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:44:11 GMT
age
3059
x-guploader-uploadid
ADPycdvGdHeM9xitAKR1RJv48MkkAer_zzAWp4TrhmEYOqIzHRAwuo33NtX-0qWyj4FL4RIptPqhyhAJVrTImrkyW8l_L7XdFeGT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
c0aa0b61-81f1-4fd2-b368-d1a0f47f3a53
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2087
last-modified
Fri, 29 Apr 2022 07:32:29 GMT
server
UploadServer
etag
"84c8c1e907f0ef6d2b556221a3620115"
x-goog-hash
crc32c=crvezQ==, md5=hMjB6Qfw720rVWIho2IBFQ==
x-goog-generation
1651131154130356
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2087
accept-ranges
bytes
content-type
application/json
expires
Fri, 29 Apr 2022 09:44:11 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/fc823aa7-38f7-41fa-9f4e-315ddee174d1/ Frame DC06 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/fc823aa7-38f7-41fa-9f4e-315ddee174d1/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
707b6430691c0b90fa8a73e03a25fa1635473e6acc9d32d95b2dc134359f8ec4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:43:42 GMT
age
3088
x-guploader-uploadid
ADPycds75moidT7Tch03QrPXIb2c9RXtwyF6TtTh1t_de7exx4AAxXs0paOc4bmdgIviIM1Dq_1gJpfh71Jx1tAuHs7zsqaqHNwc
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
fc823aa7-38f7-41fa-9f4e-315ddee174d1
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2619
last-modified
Fri, 29 Apr 2022 07:32:28 GMT
server
UploadServer
etag
"aee3098e8f081944a7b5921a68b15733"
x-goog-hash
crc32c=v4UDhA==, md5=ruMJjo8IGUSntZIaaLFXMw==
x-goog-generation
1651044750191337
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2619
accept-ranges
bytes
content-type
application/json
expires
Fri, 29 Apr 2022 09:43:42 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E9C2 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=2W_gRz39xX8G13fM-OdyQPlc
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3c8c63b8dc1ba55a49ce52f0a6b1942a9fe9ebb163651a4bdf130316f2bbbfd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=lnlhi0z5nksq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 29 Apr 2022 09:35:10 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=eaaeab4b-a75d-410c-94fd-7a522c29704e&ntv_fl=CF4se3gYGjAPzQcMJoAeWZBvuMByf3mSfd6pqSUcCCjE72VesWY2C5eDzpryLU6FttldRCyNVaYlJ9ihvKU9th9Zj37zi6PA6xCSmkm5WQYhBeliyxkeDg0X2CeJ8OWwpJlJVszWU0OHCVE7mwaXudqffThS-Yzq34Pqxf7LRmEx2_xNs4UID9ePKVMhEcSatqsoJFBVCmGb2ITbQREDRtVUYfnmCnLD0TrQZ3T4_qo=&ntv_ht=TbFrYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAKNIQA&ord=1651224910562&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.231.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-231-202.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:10 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 34A2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:28:53 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
age
18376
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
1945
x-amz-cf-id
xylY8v0k6XAY_auEl5fPbtrkHO-X_-C7l6kvcX6D0DM8rXJiZOIl1g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 34A2 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
28365
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 01:42:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kPzof-00i01jJevwJNHsB1GVERIkrlp1bTnliwByj1MKDgwAVIGNIw==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2564 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2ee726740924a7519c8949fd581d218798979e48b062df5767668fd1051e5da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 29 Apr 2022 09:35:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/101/ Frame 2564 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/101/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15395
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 19:36:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 30 Apr 2022 08:08:36 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame 34A2 		64 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=cXYpb4tfXcu4H&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%7D%5D&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
GAMGYEW10WDN2YAPEBTX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Z3kk7oFANhWsHZBb8RSFBx3E3hgytY-PS199Wn1Nme8XmTlT2O_Z0A==
/
www.facebook.com/tr/ Frame 8DF3 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.staradvertiser.com
Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.staradvertiser.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
product.instiengage.com/ceu-code/ Frame E7A4 		368 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
817552872eaf9a3af960ec23d94c84565c310e73648811cc6525c6bae0515d09

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
OeZDonxq2nO7Nchl9LMRefOOb.PzaL8W
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 15:34:34 GMT
server
AmazonS3
age
3000
etag
W/"63165424096668b69f96b61f072d00aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Fri, 29 Apr 2022 09:35:10 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
3yOXtKfjkdaqBqWbyCff_JLDT2LpCfACxQEZ7QQZ7pznr_oNAcQH7g==
xmgyjcop-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/UPf3oGCX/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-120.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-120.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79fef8990bbeae100c82eb30055721ac49b2baa695957bd4b5609cdb9fb46904

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
age
288
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
4204
x-served-by
cache-iad-kjyo7100117-IAD, cache-mxp6967-MXP
access-control-allow-origin
*
last-modified
Mon, 05 Apr 2021 21:31:47 GMT
server
nginx
x-timer
S1651224911.953828,VS0,VE94
etag
"5a68798ba93ebd788ed8f9702d285056"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Fri, 29 Apr 2022 09:35:10 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA50-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/xmgyjcop-120.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
4sLPqD2EpROfSlIWEiUKNCWO1i9dONHJzVhN_JHnaTwpiZ6yfKDbxQ==
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 8BF1 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
897
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4XcYVrM5ohyJZTeaqwz6VY60QTL1dHWMu1BcroHyK9CSEOaNcGn_lg==
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
expires
Fri, 29 Apr 2022 10:20:13 GMT
ats.js
ats.rlcdn.com/ Frame 34A2 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17696
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
qbFFOmE8zJVysxfvuhnCNiR07wkA_ddtC9aUDtETgWAEZyM-6H5Upg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 34A2 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Fri, 29 Apr 2022 09:50:10 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 34A2 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d240fae19e970dbdc7adca2b14dde7f8765f2242ce7d03fc22e139dca38dabb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Content-Encoding
gzip
Age
2323
X-Cache
HIT
Connection
keep-alive
Content-Length
13226
x-amz-id-2
HeLY/XswPCj7/kqEz4Gw3jvyJLVsR7ZyxXku2wbCEblOhUSu9WBVWwB2F15UUq04JrN+87lMPX0=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Fri, 29 Apr 2022 06:28:23 GMT
Server
AmazonS3
X-Timer
S1651224911.703637,VS0,VE0
ETag
"21c1c055a96b89bbc576d4042e188eba"
x-amz-request-id
PPT2RRM0C07FK6Z0
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
108
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 34A2 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:52:52 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
27394058
/
onetag-geo.s-onetag.com/ 		555 B
972 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 22:10:55 GMT
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront), 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age
41055
x-amzn-requestid
995b55bc-29f6-4eb0-aed6-461976ca9f28
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, FRA50-C1
x-amz-apigw-id
RT-VgFFICYcFy_g=
content-length
555
x-amz-cf-id
d-U_xXxY2BLK97hPzfCTZIoqV7-Mn6_lpJEzzHHtN54lpjHJXjDPJQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
uiJ1YCXqTfg4YsRV.iQoQhQ_4iTW1U6K
content-encoding
gzip
etag
W/"af8244025b2d978df209bf028c458664"
last-modified
Mon, 04 Apr 2022 13:02:16 GMT
server
AmazonS3
age
24245
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 29 Apr 2022 02:51:06 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LYcWoYj_q1sCl7uHbXqKotnuSoWMU0BLUQlfpb3g0VOtJHi4yLwWEQ==
m-9a9d1fb158.js
tag.escalated.io/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/m-9a9d1fb158.js
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.staradvertiser.com&type=display&cust=7470&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e0e83202a9ee204ef43f827c6577a14f183f0fb12e3b96ca6edb852d5c6d9a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Apr 2022 15:57:32 GMT
Server
Apache
ETag
"1c281-5ddb8fbd03300"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000, immutable
Connection
close
Accept-Ranges
bytes
Content-Length
44052
X-XSS-Protection
1; mode=block
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=164214603234511&correlator=1031722806627304&eid=31067331&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=31&adks=1231134253&didk=570410235&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=h%3D9%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3De13449a289797ee8-2295a2fd86cd006f%3AT%3D1651224910%3AS%3DALNI_MZsa9mP-L1A1fxMyMp5YFlSEDJrHw&abxe=1&dt=1651224910784&lmt=1651224910&dlt=1651224907792&idt=2072&biw=1600&bih=1200&adxs=1162&adys=9013&ucis=v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x728&msz=300x-1&fws=0&ohw=0&ga_vid=1497013893.1651224909&ga_sid=1651224910&ga_hid=1006023325&ga_fc=true&btvi=15&topics=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c44d25f5a4c9d74e2983906ca05f02af6165fbc3da4ef41486b48454ac8e4169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9479
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=164214603234511&correlator=859819239454262&eid=31067331&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=32&adks=2233527209&didk=570410234&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=h%3D9%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3De13449a289797ee8-2295a2fd86cd006f%3AT%3D1651224910%3AS%3DALNI_MZsa9mP-L1A1fxMyMp5YFlSEDJrHw&abxe=1&dt=1651224910788&lmt=1651224910&dlt=1651224907792&idt=2072&biw=1600&bih=1200&adxs=1162&adys=9447&ucis=w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x728&msz=300x-1&fws=0&ohw=0&ga_vid=1497013893.1651224909&ga_sid=1651224910&ga_hid=1006023325&ga_fc=true&btvi=16&topics=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fba9a72356c099f08c586db5365803ee42e99cdd0156de5d74aea21b1f820bbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18393
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357539009
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=164214603234511&correlator=1152409140758817&eid=31067331&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=33&adks=613459873&didk=570410212&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=h%3D9%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3De13449a289797ee8-2295a2fd86cd006f%3AT%3D1651224910%3AS%3DALNI_MZsa9mP-L1A1fxMyMp5YFlSEDJrHw&abxe=1&dt=1651224910791&lmt=1651224910&dlt=1651224907792&idt=2072&biw=1600&bih=1200&adxs=436&adys=10978&ucis=x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1350x142&msz=1320x-1&fws=0&ohw=0&ga_vid=1497013893.1651224909&ga_sid=1651224910&ga_hid=1006023325&ga_fc=true&btvi=17&topics=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
58b094270c4dd41e2cc2b8352194e59e0bc07541c84446968499bc8cf7e400b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18659
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357538982
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
16a7853a-971f-42dd-9d5e-52b41d338657.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame EA9E 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/16a7853a-971f-42dd-9d5e-52b41d338657.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
932bfd5cc555827a06d1d0ebb3c2c86a398803bfe36ad37bb519431679ca9b79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
age
0
x-guploader-uploadid
ADPycdugUu-tXh78VlFMW8P2yQPx6wNipHRCK2-_3yXe383Lq78ZucCgpaplEUIg-lbiumKJnK42xnln9gbgc51KArxwmQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21110
last-modified
Wed, 07 Apr 2021 06:08:46 GMT
server
UploadServer
etag
"9271dc765e85f5c931a193550f6030e2"
x-goog-hash
crc32c=UIcJ8A==, md5=knHcdl6F9ckxoZNVD2Aw4g==
x-goog-generation
1617775726809174
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
21110
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 29 Apr 2022 10:35:11 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame EA9E 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fastly-request-id
fa18e8693a6262b44dff575f0307e64a2be67041
date
Fri, 29 Apr 2022 09:35:10 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
HIT
x-cache-hits
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-mxp6971-MXP
last-modified
Fri, 22 Apr 2022 23:31:18 GMT
server
cloudflare
x-github-request-id
2402:3849:A851:DA42:626BAE62
x-timer
S1651224911.934536,VS0,VE0
etag
"62633ac6-3776c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYmTlPngIKLzdf76dWE4W4UTK%2FeXI1nThGUEIq%2Bd0w8K9YKh7LpaT3xNrvE2a03yAG0Gsu4UFJphwllUSnKLTfmP%2FKmW70wX3Jntu56Uc8w%2B3doZcpazALswdYlM8MbvVq6402KF"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
x-proxy-cache
MISS
accept-ranges
bytes
cf-ray
70370bcd3cd6374b-MXP
x-origin-cache
HIT
expires
Fri, 29 Apr 2022 09:32:42 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame EA9E 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370295
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262440
x-served-by
cache-fra19128-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KS5vGa4T%2FLZ%2FXWpXnInMjW4lxWc2x2wh5bxnJCe1KO7xKGR3HDlkgN93nYElJ%2B49d8TJJoLWQF5ATcgESbR2NsE4kDkj%2BUYCTnI0Dr6PpvJyC1ryt298gMID4ixFc6qvX7txmBUMKSF3%2Bz6STDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
70370bcccbb02325-ZRH
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame EA9E 		26 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1651224910809&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=37180507-36a7-4949-b2e8-485350bf84b7&dtm=1651224910806&vp=300x250&ds=300x250&vid=1&sid=9e7aa9a2-8940-4bd6-b3fb-517a56071e80&duid=864c31cd-607c-4864-a4b6-ad500de4577a&fp=1351496004&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYzBhYTBiNjEtODFmMS00ZmQyLWIzNjgtZDFhMGY0N2YzYTUzIiwiYmlkIjoiZWZmN2RjMGYtYzRkMC00MThhLWFkZjAtNjI3Y2VhNmM4YjBhIiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
969a6c1cb4feaa761d0bd3a9b5147c67
function-execution-id
qx063nw5f9aj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1600502281976-e0e31b326509
images.unsplash.com/ Frame EA9E 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1600502281976-e0e31b326509?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDE2fHxib3V0aXF1ZXxlbnwwfHx8fDE2NDg3OTI4NzU&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cbd54f1943122a56a8c176c044871e7e62b13b4e666c3adf6eb53950abcd62e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Apr 2022 06:01:26 GMT
server
imgix
age
2432025
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
86f85c72597e4ae086e4f335ba1320a4fae73008
accept-ranges
bytes
content-length
59970
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10031-SJC, cache-hhn4021-HHN
89adbbf9-c4de-434e-ae06-ec02a08607a6.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame DC06 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/89adbbf9-c4de-434e-ae06-ec02a08607a6.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0e62bb7a2b5b9db9b16885dcaf148afac5db086925988f0224d4a8081d1da3a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
age
0
x-guploader-uploadid
ADPycdsEvdruUN_mMaEvRZFmfQ47f1QLesmgnEEz0GseVnQEHSx31lw8w10k-Xx3Dn3cp8U97CHzFqkXkGae2WAYrrUWyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24571
last-modified
Fri, 22 May 2020 07:51:10 GMT
server
UploadServer
etag
"8bc050b660ae6d5ba434eca1ec1b880c"
x-goog-hash
crc32c=rH6OuA==, md5=i8BQtmCubVukNOyh7BuIDA==
x-goog-generation
1590133870191117
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
24571
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 29 Apr 2022 10:35:11 GMT
j8_36_fAw7jrcalD7oKYNX0QfAnPU0PG9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v12/ Frame DC06 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v12/j8_36_fAw7jrcalD7oKYNX0QfAnPU0PG9JfGhA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d60bef1316dc12b91225f2862832123dfbd67ae192bda2d2dfd385130b42a07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:12:36 GMT
x-content-type-options
nosniff
age
44554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19952
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:09:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 21:12:36 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame DC06 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370295
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262440
x-served-by
cache-fra19128-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAPxnxki23KhtdsRbWurLAuzpoSQR%2BtPpNW3xb39JLEJ5UkCv4KR7M6XEeOPccUoLKrrYye9FF%2B7n7ZYNq62CFLZ5203r%2FzYfs46UhDtEmsCubSNwAs13jOeSIppjCtiraSActg%2B94da%2BRsy7WQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
70370bcd1c472325-ZRH
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame DC06 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fastly-request-id
fa18e8693a6262b44dff575f0307e64a2be67041
date
Fri, 29 Apr 2022 09:35:10 GMT
via
1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-cache-hits
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-mxp6971-MXP
last-modified
Fri, 22 Apr 2022 23:31:18 GMT
server
cloudflare
x-github-request-id
2402:3849:A851:DA42:626BAE62
x-timer
S1651224911.934536,VS0,VE0
etag
"62633ac6-3776c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKZvbOeVbYSLSnaCa5MADgfS6dfYPmgS6LOdnPqn90qVuRV%2B5G28s%2BJLKtqKTnU2XyXnPOVyrD2plRNlaCFKheK83iI3S8Lezun9OkiebIWAG8YR8I89YqXITNWQQTHWD8RX5gjJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
x-proxy-cache
MISS
accept-ranges
bytes
cf-ray
70370bcd3cd3374b-MXP
x-origin-cache
HIT
expires
Fri, 29 Apr 2022 09:32:42 GMT
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame DC06 		26 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1651224910860&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=37180507-36a7-4949-b2e8-485350bf84b7&dtm=1651224910806&vp=300x250&ds=300x250&vid=1&sid=9e7aa9a2-8940-4bd6-b3fb-517a56071e80&duid=864c31cd-607c-4864-a4b6-ad500de4577a&fp=1351496004&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYzBhYTBiNjEtODFmMS00ZmQyLWIzNjgtZDFhMGY0N2YzYTUzIiwiYmlkIjoiZWZmN2RjMGYtYzRkMC00MThhLWFkZjAtNjI3Y2VhNmM4YjBhIiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
6bfe255f01f36568086eb78433bfb33f
function-execution-id
j8394emmv8q4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1611773236700-a0592aeaf8fc
images.unsplash.com/ Frame DC06 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1611773236700-a0592aeaf8fc?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDExfHxwZXN0fGVufDB8fHx8MTY0NjIwMTA1MA&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e77b5a4735cd6675a660c3906a5ff1f4e963f44809c31f0c6b6e992dfa0a5e37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
x-content-type-options
nosniff
age
1552999
x-cache
MISS, HIT, HIT
x-imgix-id
7e6337be84c93350da81edc63c06911e8395d9fe
fastly-restarts
1
x-served-by
cache-sjc10076-SJC, cache-sjc10058-SJC, cache-hhn4021-HHN
accept-ranges
bytes
last-modified
Mon, 11 Apr 2022 10:11:51 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-length
26441
cross-origin-resource-policy
cross-origin
934.json
id5-sync.com/g/v2/ 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/934.json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
c84a710be43e6fc31c712a8e481ba1ceacaa2db050eaa5866b752d20163b1f56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 29 Apr 2022 09:35:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d086ec3bfeee87bfd7a9b2db26eeb4cb02d8e4c2d7ee2ac61c743cf88917ae03

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.45.3.45
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
0cd32786d1b0a966d8017aacb4c5bdfe03e9239d9acf3d8b063a9d941123efbc

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 29 May 2022 09:35:11 GMT
envelope
api.rlcdn.com/api/identity/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1273
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
lg.php
cdn.firstimpression.io/delivery/ Frame 8BF1 		1 B
457 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67473%7C67474%7C67475%7C68125%7C68321%7C68413%7C68422%7C76814%7C77576%7C83342%7C93650&campaignid=43%7C15%7C9%7C13%7C16%7C18%7C11%7C22%7C7%7C44%7C6&zoneid=110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
W5NDd7r8oQIRaoIzPdAwZr7BRX1navQJaPKgBkk4ZiRMHg7YprvTQA==
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
expires
0
arj
firstimpression-d.openx.net/w/1.0/ Frame 8BF1 		73 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.staradvertiser.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=daac1fc9-4184-444f-827f-c9b73d116357&nocache=1651224910988&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&aus=728x90&divids=fiInstance_110722_0_214253483078402_unit&aucs=&auid=540910482&aumfs=10
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
58654e8df89a12f73e6381de0e6db832fab1e304047586cfea12aea98daa9286

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 8BF1 		36 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=505551&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22311dc95f9ba06e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22426e1e9e003c55%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22505551%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%227470%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1e884bfb7c5fd4ce3d17a9532d2484565d3fc8672304396113f428898a966e0f

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:11 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[217.138.196.102], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
27
expires
Fri, 29 Apr 2022 09:35:11 GMT
cdb
bidder.criteo.com/ Frame 8BF1 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=82151352351
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Apr 2022 09:35:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
ap.lijit.com/rtb/ Frame 8BF1 		94 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.2.0
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
288306dc7cfad98e8115853dfd762e7a2c97e1493f067e44ff7bf9c4b98ea675

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Apr 2022 09:35:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ Frame 8BF1 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7704a8ff24dafe20df5aa870e7b4a31b7a2c24ab1437a390bd13cf07f4d3dcd6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Apr 2022 09:35:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f9fbde20-4be3-4cb0-9ee8-264155261f4c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8BF1 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/ Frame 8BF1 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1651224910999&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.16.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-16-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 8BF1 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
16e9e81f2507a6ddb3483718f974a6cb5545aff6758e7f4eadaf39fa3231d965
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:11 GMT
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a24ee2fb-0d0d-42f7-8bb5-834cb832c823
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8BF1 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1486010&size_id=2&rp_schain=1.0,1!firstimpression.io,7470,1,,,&rf=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.ref=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.domain=staradvertiser.com&tg_i.figroup=a3&tk_flint=pbjs_lite_v6.2.0&x_source.tid=daac1fc9-4184-444f-827f-c9b73d116357&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.021727548466041968
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e6871437a654959244132ccb5de60da3bfecff72cc8d876771fbc2b3e54e1664

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:11 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
371
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/212956/0/ Frame 8BF1 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212956/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 29 Apr 2022 09:35:11 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8BF1 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:25:19 GMT
content-encoding
gzip
age
591
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
095K6T3NB79CGQG4Z6RK
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
YCsEJTIABwplTP6BnwbVZKt9EF6XYVlYHebEBAywSjxotfwzvx38tw==
css
fonts.googleapis.com/ 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:41:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:11 GMT
e7366cd8-a6ea-43d7-adef-30cc7200d67a.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e7366cd8-a6ea-43d7-adef-30cc7200d67a.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae560147811e1c76b5061cffd724cb6a148e633f4e23c601a98949f4b28dc770

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Tue, 29 Mar 2022 23:18:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
19PIvcefVef4oqbRPioMuA==
ETag
0x8DA11DA68E700C9
Content-Type
image/jpeg
x-ms-request-id
2b7344b6-101e-0027-06ac-5b2a75000000
x-ms-version
2009-09-19
Content-Length
9824
6a00b766-3255-4008-bf42-8ffa58ff193f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/6a00b766-3255-4008-bf42-8ffa58ff193f.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ed4d00f8b9dc2c9e1b0b1caf5dd533c71bfccc30e61bb1122639f684f71f603e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Mon, 11 Apr 2022 21:45:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
DJhclxATF1tW+KSvYtrWiQ==
ETag
0x8DA1C04A326AF26
Content-Type
image/jpeg
x-ms-request-id
e0833a4b-a01e-0050-2eac-5bffe1000000
x-ms-version
2009-09-19
Content-Length
20193
39NK-12y6UCGqmV7I_30TA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/39NK-12y6UCGqmV7I_30TA.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3f378a2f6996823e0e48f69a8abc5e472923de714e68f285a8ab70c66e7e17ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:10 GMT
Last-Modified
Mon, 06 Sep 2021 23:24:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QuV2QYDH2m9eaOjTshtCzg==
ETag
0x8D9718D754D6060
Content-Type
application/octet-stream
x-ms-request-id
ae521752-a01e-0032-4aac-5b3dc6000000
x-ms-version
2009-09-19
Content-Length
53090
f5aa8ddb-81bf-4872-918d-56aa87544084.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f5aa8ddb-81bf-4872-918d-56aa87544084.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
78b8c5ebdcbe9b538d0326396c40f77c5e0f529318a4df6b8cdb6a578527c0a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Wed, 17 Aug 2016 21:25:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
di8zSgC32wT9Bh8ib+ywgg==
ETag
0x8D3C6E512B6E599
Content-Type
image/png
x-ms-request-id
196bff46-101e-0037-69ac-5bef1d000000
x-ms-version
2009-09-19
Content-Length
103270
846997ea-4ab0-4abb-9c2e-775f874d16dc.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/846997ea-4ab0-4abb-9c2e-775f874d16dc.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
018a6ba81f499f8c19ed8bf09b3f6fbe80ba35248a1fa3b1f92328d4533fb6bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Wed, 16 Mar 2022 04:26:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1+bHOI9XXn4r121PB+gquw==
ETag
0x8DA0705355F4907
Content-Type
image/jpeg
x-ms-request-id
944ce883-401e-0077-39ac-5be825000000
x-ms-version
2009-09-19
Content-Length
14759
47b29332-c3b7-4c9f-b090-59c6df0bc0ff.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/47b29332-c3b7-4c9f-b090-59c6df0bc0ff.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dc8d71c5560be6512b92a2c9f017d746d49d1eed1072920db8af83f78e561bc2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Fri, 08 Apr 2022 04:14:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
JfAg8frS4yG+xXU0jAqO+A==
ETag
0x8DA191640EDAB05
Content-Type
image/jpeg
x-ms-request-id
82478c2d-f01e-004d-65ac-5bf25d000000
x-ms-version
2009-09-19
Content-Length
7891
119e549c-70e3-41b7-836a-a87c311ab168.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/119e549c-70e3-41b7-836a-a87c311ab168.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bba2c26504fb78a647b11f2899658f903be695b28af45512c2d0a8ee205d86be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Wed, 30 Mar 2022 02:04:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
gaTAVEpAopX0xOdXqmSLCA==
ETag
0x8DA11F1A811EB3E
Content-Type
image/png
x-ms-request-id
2b7344e3-101e-0027-2eac-5b2a75000000
x-ms-version
2009-09-19
Content-Length
18177
e0b0aab8-45e2-48b1-88b3-f1f5dda4a827.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e0b0aab8-45e2-48b1-88b3-f1f5dda4a827.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa22f02b904df277a53b83bc1966728c9857fb417d4d8bba3e5efcd3b8a84006

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Mon, 04 Apr 2022 21:31:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
iUGDJQpW/GdWGakfG1IKQQ==
ETag
0x8DA168280C54520
Content-Type
image/png
x-ms-request-id
944ce8d6-401e-0077-09ac-5be825000000
x-ms-version
2009-09-19
Content-Length
4317
3d12de5a-622d-4360-84d2-4e74eef892cc.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3d12de5a-622d-4360-84d2-4e74eef892cc.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e664f86ab7de4fcdce327a2bbbce893026fd7d253147b9734bdba2aa29951e30

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Sun, 27 Feb 2022 05:20:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
U4E1AfpGGNE0Wyq3O80sxA==
ETag
0x8D9F9B0D96B427F
Content-Type
image/jpeg
x-ms-request-id
82478c65-f01e-004d-19ac-5bf25d000000
x-ms-version
2009-09-19
Content-Length
12246
5f6ad266-7312-4c4e-99a3-a858a80ab7e3.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5f6ad266-7312-4c4e-99a3-a858a80ab7e3.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eb16e701b9e60db17e7ec8870ccd716bcabdcc777c7c86da2b78be38a3c1f0d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Tue, 15 Mar 2022 00:50:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SbFBqTY9UyEl3ei47Db9KQ==
ETag
0x8DA061DDC3991DF
Content-Type
image/jpeg
x-ms-request-id
e0833ac6-a01e-0050-20ac-5bffe1000000
x-ms-version
2009-09-19
Content-Length
10502
f5a53693-de87-498b-a035-124412f9eea0.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f5a53693-de87-498b-a035-124412f9eea0.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d85e7a9efc0ca2e08b8c657bdf56d98ae41a63bf5d7bc786bfdf773ad1541850

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Fri, 18 Oct 2013 01:37:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YnF4J5TuYB9u2ixhDGVWtA==
ETag
0x8D099B9BAD718B3
Content-Type
image/png
x-ms-request-id
ae5217c4-a01e-0032-35ac-5b3dc6000000
x-ms-version
2009-09-19
Content-Length
147623
0dd45eb2-261b-45a6-976f-1af797b3b268.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0dd45eb2-261b-45a6-976f-1af797b3b268.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a41bd8ba79ffdfeee22f92c6bb530a736fcafe2eb8629331435a893f30bfe1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Tue, 19 Apr 2022 21:45:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
liHkBs+eT/zQ4NOtbsTBFg==
ETag
0x8DA224DDC7845A4
Content-Type
image/jpeg
x-ms-request-id
2b734509-101e-0027-53ac-5b2a75000000
x-ms-version
2009-09-19
Content-Length
14917
3wA3j2kFdkiiopPebAOY-w.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3wA3j2kFdkiiopPebAOY-w.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d68dbe5cecf4c2852de8319488d82f9f8083584bc4f64fbf44464d3782b82fb6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Sat, 31 Jul 2021 05:25:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
JICU1Doo/mb3kKv489v0Bw==
ETag
0x8D953E396E102D4
Content-Type
application/octet-stream
x-ms-request-id
944ce91e-401e-0077-4fac-5be825000000
x-ms-version
2009-09-19
Content-Length
36428
7231a5c6-5a8a-4bfa-a41f-c83b3a8e94fd.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7231a5c6-5a8a-4bfa-a41f-c83b3a8e94fd.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7a6d9ed7a90c64f9f4ad49b365f1d1dc74a96219d869cd9f8253b9a77c5a16ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Fri, 18 Oct 2013 00:28:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
InDm0UIKqEMxPopcuYW8Nw==
ETag
0x8D099B01854BD6D
Content-Type
image/png
x-ms-request-id
82478c8c-f01e-004d-3fac-5bf25d000000
x-ms-version
2009-09-19
Content-Length
98030
mJ0Jss6CI0ucbkEqC10j9Q.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/mJ0Jss6CI0ucbkEqC10j9Q.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
002eb87fc5a792a8f14c974b574aae22c22969d5b3eac081d97126b93491ca91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Mon, 25 Apr 2022 13:43:10 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ohr1w1hvgWffLz0ZKUAR3w==
ETag
0x8DA26C1899CF01B
Content-Type
application/octet-stream
x-ms-request-id
e0833af2-a01e-0050-4aac-5bffe1000000
x-ms-version
2009-09-19
Content-Length
23499
SoOsk-z-oUCzR1AlbN3JGw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/SoOsk-z-oUCzR1AlbN3JGw.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b4a6816894039d78e1a00716627d69fb916d88b284e07594fbde4babc8e289de

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:12 GMT
Last-Modified
Sun, 08 Aug 2021 22:06:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nfTFrwQm1dkafRNV6mDd1A==
ETag
0x8D95AB8C9D03A8C
Content-Type
application/octet-stream
x-ms-request-id
196c002c-101e-0037-3eac-5bef1d000000
x-ms-version
2009-09-19
Content-Length
32582
483bf697-41e5-4a32-ba53-b48d4d758133.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/483bf697-41e5-4a32-ba53-b48d4d758133.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f7a2eff204787d41e37ca51909b80cbab14e7de622a15dae5b0c568b84d6335

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Wed, 06 Apr 2022 00:02:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
uDOqcu7AaZ1aIPpbDAUk7A==
ETag
0x8DA1760B1DACF66
Content-Type
image/jpeg
x-ms-request-id
2b73452a-101e-0027-73ac-5b2a75000000
x-ms-version
2009-09-19
Content-Length
8702
1aa72ac5-3b32-4120-aca0-32f98bbcb48f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1aa72ac5-3b32-4120-aca0-32f98bbcb48f.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e57223601accd803ee944f5d48d2f5baafb59762a6c24074d0406211ed5369bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:11 GMT
Last-Modified
Sat, 10 May 2014 23:30:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kiNPQOZFslJBrgDS87p0Wg==
ETag
0x8D13ABEFDB8AE84
Content-Type
image/png
x-ms-request-id
944ce980-401e-0077-2fac-5be825000000
x-ms-version
2009-09-19
Content-Length
74248
235609b9-09f3-4519-90dc-e8acbcde45e4.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/235609b9-09f3-4519-90dc-e8acbcde45e4.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7cccd3476a69740ad7c4be6f357e9060b5fb466785dd465577e2a98027585022

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:12 GMT
Last-Modified
Thu, 07 Apr 2022 21:21:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
aI0+vSDpcMD/xohQx7l3dw==
ETag
0x8DA18DC9BE3FB10
Content-Type
image/jpeg
x-ms-request-id
e0833b36-a01e-0050-08ac-5bffe1000000
x-ms-version
2009-09-19
Content-Length
7598
5429d371-38aa-47b2-b810-705bf1d867bf.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5429d371-38aa-47b2-b810-705bf1d867bf.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1b8b1b0a56d01ec7fbb4f0807eba4d8bb67fe56bb24d68388ce781396eaaefc0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 29 Apr 2022 09:35:12 GMT
Last-Modified
Tue, 05 Apr 2022 04:41:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
bi4oThCtm3j9ZF5XYTfPOw==
ETag
0x8DA16BE94F62F2B
Content-Type
image/jpeg
x-ms-request-id
2b734552-101e-0027-18ac-5b2a75000000
x-ms-version
2009-09-19
Content-Length
8350
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:48:08 GMT
x-content-type-options
nosniff
age
211623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:00:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:48:08 GMT
369.json
id5-sync.com/g/v2/ Frame 34A2 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
a903daca1436101447edbe1c0afc6da52244ee41727a5b7a1c37074a7d847396
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 29 Apr 2022 09:35:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
css
fonts.googleapis.com/ Frame E7A4 		4 KB
508 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b057c880cbce263eaf21e52b47c99822e68243a00a4a8ab698826328d7caeb85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 09:35:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:11 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame E7A4 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12727656
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
T18ZEX77RD27CDYE
x-amz-id-2
T58iHULcUdkMQD+RVZl3jyWk3K1douVqFmqvJsBQw125eugLjMbTUwjESb13yVpVQZDT4I1k4Ko=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLMaMyQ8uFA2wxm3BYlD%2B0kWMkQaP6b6DAd4R1gnwqROCMLTe2MfKevge8hqMGjR%2Fz4%2BKel8CLJIb%2BVE9%2FhXve80ttgfoxDe3sWNei8nei55MjcZ%2BmhatYu1AclPB0zyPWftexhWIJqjPkE9YZzFtLCF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
70370bd0284a374e-MXP
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1006023325&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&dp=%2F134cd2a0-7eab-4f89-ad56-f416cc5743c6&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEFAAEABAAAAAC~&jid=734970911&gjid=1501077449&cid=1497013893.1651224909&tid=UA-123718506-11&_gid=739477006.1651224909&_r=1&_slc=1&z=219066244
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame E7A4 		240 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
9e85dc0f7699e0a1ff54678b058435f14f7b041dfbc0001e44c1accca0b7efc1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:11 GMT
access-control-allow-credentials
true
x-database-date
Fri, 29 Apr 2022 02:43:04 GMT
content-length
240
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame E7A4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
162
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 29 Apr 2022 09:33:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2129
x-amz-cf-id
Nq5ncVtx_xK_b7NSdzX_8rUIh-a93tXuel3SNr0jLHr_bPvcuefWMQ==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame E7A4 		649 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
73
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 29 Apr 2022 09:34:08 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
9EWlvy2X1JEq5HTQTa-AdExneV0EXdnP7kacUNMWEfGuPtjI2UiIjg==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame E7A4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
73
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 29 Apr 2022 09:34:08 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4833
x-amz-cf-id
Z1eiLZ1_oUiidG6M1GOyxswKSkDl6HV-FGyuBTrDgK7ij6NfKO_ikg==
contents
cms.instiengage.com/v3/ Frame E7A4 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=e5666664-52a2-4b8b-bca2-c3f0a6d328e9&cookie_id=null&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
94cd1b8e956cc8f7582b1ced8c30618422449295ca9d5d6524dcf97f10f74fc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:11 GMT
access-control-allow-credentials
true
content-length
18315
vary
Origin
content-type
application/json
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/ Frame 34A2 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:11 GMT
Content-Encoding
gzip
Age
450
X-Cache
HIT
Connection
keep-alive
Content-Length
62095
x-amz-id-2
Q1FwX3P+hehSVQ9dDk70PkvYp+yVV0IYn7DIpcgPYlb2DVZzOliMPX/ECV+/ARXMlyTJH8JkWdg=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Tue, 26 Apr 2022 13:52:54 GMT
Server
AmazonS3
X-Timer
S1651224911.344813,VS0,VE0
ETag
"50304451ea6cf0b5d1ffef391681a6b2"
x-amz-request-id
4XG7YQKXX066V7P6
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
460
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame B9D0 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2372
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
seccAS4gk0yVxB8C1HQjsqYwQfNw0dqTEsB1DQ6ENCagoJD4WOVMLg==
9837137720388202531
tpc.googlesyndication.com/simgad/ Frame B9D0 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9837137720388202531
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 05:13:48 GMT
x-content-type-options
nosniff
age
188483
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11445
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 05:13:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame B9D0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame B9D0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9D0 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:11 GMT
l
www.google.com/ads/measurement/ Frame B9D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcKRBaoifNMBKRWFXReHTlNhl_gGUcu2oZQmUf1oGL2lMBzmP3NN0mkr8RQ971xwVIMqTpM-gVVBSHRKQIS4Lf7B5KaA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 1E52 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2372
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_pG2icSLHPePqNJ5F-SM7GK8EdD6i3FJCeauL740s3BbjFcQoRqCoA==
14566850117176945425
tpc.googlesyndication.com/simgad/ Frame 1E52 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14566850117176945425
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c8d797886442e55fa5170fcf3586ed6e57f226116f583e5a354266d838c60fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 09:07:15 GMT
x-content-type-options
nosniff
age
174476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12817
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:49:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 09:07:15 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 1E52 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 1E52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
l
www.google.com/ads/measurement/ Frame 1E52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp65KERaqGzvmHZd8v4goETZ3wqXdbeSszOpkxUIdis2W6Cmdk5K0mDADvV5Uk-80KlCfS1XZt42FxxxluVoxRtzrh-A
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E52 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:11 GMT
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3108 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prod
dhukrzx4tb.execute-api.us-east-2.amazonaws.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://dhukrzx4tb.execute-api.us-east-2.amazonaws.com/prod
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.170.211 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-170-211.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
prod
dhukrzx4tb.execute-api.us-east-2.amazonaws.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://dhukrzx4tb.execute-api.us-east-2.amazonaws.com/prod
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.170.211 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-170-211.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 01DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FE2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 6A5D 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2372
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
QGwfFIf_NxWkhoQ4YlLnC-IxfiBMgXnr8Pq2IkbaUV68riFtlJqPzA==
18038059899022175573
tpc.googlesyndication.com/simgad/ Frame 6A5D 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18038059899022175573
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcb38585130ca0af25b2430265a71a1333f2d67aa910d9e567eaf6b625a10092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:55:21 GMT
x-content-type-options
nosniff
age
128390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23182
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 19:06:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 21:55:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 6A5D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6A5D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6A5D 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:11 GMT
l
www.google.com/ads/measurement/ Frame 6A5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQK4hPNako9dTuN-bvp6tNSxOeViBPSGLieGcfzzasPQuOeYEaD-nTEsGgdiyrFClqwB52A
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 5E3B 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2372
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_R0wYuXnZvr-7dtpsgv0c0h0A2GFehlIxjnBy_D5osgab7fVrgLZWw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E3B 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:11 GMT
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AEBE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D162 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1EEE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame CDE3 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ubu5hktzNS96q68R82JMjVcGSaOH-O0xcNO_D-zLoG7sY5lI49vwRA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDE3 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 66E6 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
e3E7xEDOCVCtJ5bpL2M7Xt42ud0e9Xn8WppSyjMa6CkPKWqVBkUcJQ==
13935128801456484552
tpc.googlesyndication.com/simgad/ Frame 66E6 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13935128801456484552
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08d911adf333fe7a15691fd03207e76cb33a0a006075b0c33dd452ad46192b04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:32:22 GMT
x-content-type-options
nosniff
age
136970
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41926
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 19:11:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 19:32:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 66E6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 66E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66E6 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
l
www.google.com/ads/measurement/ Frame 66E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkfStirUGS1aAwXnj8LuVsDLNYucUjnqEMT0U6gekhwMD_7J9rbt7dAvhLssc9cIXyt1Sa
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3222 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Y0-3BBkKnMZ-ggdabqtDKoLRPAwvWM_goQ7Jc04A4ByUuH-nM9EAcg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3222 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 8C97 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2R5TvyJo2hwY2BBHKcHBYeQzcOorNZbS-QvpRfNBkdN2n_E5zfLBpg==
11936074607953690781
tpc.googlesyndication.com/simgad/ Frame 8C97 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11936074607953690781
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b818c83cb699a992c6ed8b6946c577dd312fcadf5f5533a0e19c77c17932d04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 05:46:50 GMT
x-content-type-options
nosniff
age
532102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41696
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 23:41:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Apr 2023 05:46:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 8C97 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 8C97 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C97 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
l
www.google.com/ads/measurement/ Frame 8C97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiy_9sJPyEwbFYjDSgpGeYAOPALfYeqWSy57v3F6-y4Bcwiqzg3RLzSfwNiGaS9MBHcnGe
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 87C2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 37C0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
photo-1611773236700-a0592aeaf8fc
images.unsplash.com/ Frame DC06 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1611773236700-a0592aeaf8fc?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDExfHxwZXN0fGVufDB8fHx8MTY0NjIwMTA1MA&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e77b5a4735cd6675a660c3906a5ff1f4e963f44809c31f0c6b6e992dfa0a5e37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
age
1553000
x-cache
MISS, HIT, HIT
x-imgix-id
7e6337be84c93350da81edc63c06911e8395d9fe
fastly-restarts
1
x-served-by
cache-sjc10076-SJC, cache-sjc10058-SJC, cache-hhn4021-HHN
accept-ranges
bytes
last-modified
Mon, 11 Apr 2022 10:11:51 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-length
26441
cross-origin-resource-policy
cross-origin
photo-1600502281976-e0e31b326509
images.unsplash.com/ Frame EA9E 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1600502281976-e0e31b326509?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDE2fHxib3V0aXF1ZXxlbnwwfHx8fDE2NDg3OTI4NzU&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cbd54f1943122a56a8c176c044871e7e62b13b4e666c3adf6eb53950abcd62e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Apr 2022 06:01:26 GMT
server
imgix
age
2432026
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
86f85c72597e4ae086e4f335ba1320a4fae73008
accept-ranges
bytes
content-length
59970
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10031-SJC, cache-hhn4021-HHN
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ Frame E7A4 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v17/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:24:50 GMT
x-content-type-options
nosniff
age
137422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:24:50 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ Frame E7A4 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v17/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:24:50 GMT
x-content-type-options
nosniff
age
137422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:24:50 GMT
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7993daa13b4ddc4aeab2693f5d63406ba74bcfcd526dc872406648395ff61ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39723
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Apr 2022 09:35:12 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2564 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
X-YouTube-Client-Version
1.20220427.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtRalRkMmVyRXBxcyjM4q6TBg%3D%3D
X-YouTube-Ad-Signals
dt=1651224909394&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C299%2C168&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 29 Apr 2022 09:35:12 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=1497013893.1651224909&jid=734970911&gjid=1501077449&_gid=739477006.1651224909&_u=KEFAAEABAAAAAC~&z=568028327
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 29 Apr 2022 09:35:12 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame B9D0 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=726350
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1Hqz4q0txjKvxJFBNEkYNs%2BxU3jSEW%2BaHSFEzr%2F6Mcrq2jlJMngGb0RqtTeCr3G68bE6aSIpvDM3dv2r5t8QuVyJMWWqEi3wmZgEndoh0cIaCRFBbISJ4JEIYPTAuSEI%2BmvNUnOnRZhSSLmpy%2BdKFZUsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd8896f374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0j49Czm9hYAE5aB
view
securepubads.g.doubleclick.net/pcs/ Frame B9D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRDIuB_BBcvVlUDjUrPBTKK78ub0SGiUEvFrQaeWLtv4RN1acPLVWMFkTZq3kvkJvr9MZTXGMZ2yIJ_EegRvNn-qaQgwu1h8SmxBEcDmpsqJrHaBipxi2q2fLkmm2yXu0CZOtYIzUTFn-NFiMipdAIiJH6LrDY-05qN2h1WSq5hFyz6IkjqGA9522_heoUHFtAAGDVu51tb5Qu8IyRK82hakV5ZoNRYCV5e7hclLx97-2he_31ZDZp1AGvIN5NuYmdD8NVgR24icbpN-4XkCFpoNS77ObRs4_J_5-DqvXUnejdCXUTyD0gh58zENo4DVw4PTVmgAXWtPCQv9wkfdsOwBA&sig=Cg0ArKJSzCL0vGuDB44XEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 1E52 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=973011
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYQVjt21yS3iZZ3Md40HrGMBAjC%2B1WE4YHyn4qNyNbIfLRYKmFUl2YxkI002gRNmKIulEvl0bSHt3HFDQMcip56oJ%2BYKpfx20sAo3JvnC5spshVENOhBehZ1omBA3QsWsCHNcDXU8Dk%2B4DkByDhhPufxjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd88972374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0mFtHKIZAsAVydB
view
securepubads.g.doubleclick.net/pcs/ Frame 1E52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfOR7wTdgsrMzud7lhUxohcWOJw7z_J3hgPu9JRxqHqL0Wv5_QnH6W3y24l9hWLxDmry_gXrEg9tYze5_yT5CsponfqecX36-0kmaBRB_7I0WIg9Jah1siPgIp9MWpneGgkQQFer3zhX0j-CSlVZgFoDxYJd5tI-lM3aQoQ-Kclfkin8Y8bDK5J8C1YCRHbi8aR3xO1T7cF3ib6f8qapla6a5hDRItM6OCYokcAqwMAG0n-LBwgdrzblRHzGrV_bZokoDVtPM7jJgKc5ihezCsKMx9zplSsE0V2YsTjB8i80IMtfwE8sSu0qk3GB1bv9XbnJpDHtSAgTO48XPVPypNIg&sai=AMfl-YRzVNxMujYowo8h3SKXoWHTidIg8BDEai32UUXAUrTANOLh6L_dfsK7-NKPY_Wofp_cI24OalCdjPjndOFLYdmF_23wyq9Oz8Wb3vguSWe5ZFASI_VAOO19ew6Ag58&sig=Cg0ArKJSzKSzLHTb1HbvEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame DC06 		26 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1651224912583&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=a5350f2f-805d-4cc5-b393-1323a6d791a9&dtm=1651224910859&vp=300x250&ds=300x250&vid=1&sid=9e7aa9a2-8940-4bd6-b3fb-517a56071e80&duid=864c31cd-607c-4864-a4b6-ad500de4577a&fp=1351496004&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiZmM4MjNhYTctMzhmNy00MWZhLTlmNGUtMzE1ZGRlZTE3NGQxIiwiYmlkIjoiZTA1MzNkN2EtMmNjZS00MDhiLTkyMjMtYmJhNWMxOGNjMmY0IiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e74e017c60abc30a91abb6b606e3964d
function-execution-id
7vplmy9gvnml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 6A5D 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1093063
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbioFGTgVdL0srZ8BBnkkZyx%2FxEMBzdh8BZkflUY6sybqeqTwjpdKqQnv32yKx%2FQiLHtjwBVq0pQn2kJD%2Fx%2B8n14WK2m6hI3C02mIBGAdp7CoSfn5Tf90l2i49oTeCsW33%2BPZrgikUVh0PG%2FlvwVuMELzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd8896b374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0liQYwyTt4AE5ah
view
securepubads.g.doubleclick.net/pcs/ Frame 6A5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulEhtcNDm2ONbMlmebQxNIcYjb8_RoUZ2Fz9uGJ24Z0cLm17kzzdOEF0_V7rLj0hcEkuLXo-d2LdySwWhc4F8LvwIJry7AbWCopyEAF9xDoxUqRnN-Pfo7Nd33ErDjJtOpoAU3YOV05QuLwxw1F7dWTILyzN5YjaiXFEwWZuqR5ujNhcPuuhV8doSK05jaHe2FNTYIrJn0tI-lgRnPYZS_L7wYCQm7OAuXTT73VBbXmrHu3PuxarNWgzpMF_CnujqYe21G1cZ-DsvbrSXhIfm-GzbNjte6E2pa9YqtbyeGwM2aeqtAmq9q4sbB5WVkLCND&sai=AMfl-YSgscxXZepF_v3o3Z8xRGieS8nCSgBY0i34QF5umA6VSi9FHiWPJWxmeenvO4B99j4dqQWNoNd1sYArReuLxvttarZY-VDk-hRlLJ0O17jMtRaSvnXxVVnV-euqU7o&sig=Cg0ArKJSzHcxZwpqJti0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 5E3B 		0
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1037729
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgzaggXOMi5XDMfUa4CsTtqKttFAyczAbrrG%2FdouipXhv9FsUExTvRaB2F4nQcjnStanpPe201y3yFZhPdyi4dQ%2BuQ7Z5%2B%2BQ%2F%2BgoYUjCKTULRGjWgZDvK%2FE%2FHMkI2R6GgjIC2cPuxvuZR7GCuuIZr%2FzmcA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd8896d374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0MVj2pC-HMANuoy
view
securepubads.g.doubleclick.net/pcs/ Frame 5E3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQGMu70I_LHYSo8DwOpJHMPINzOe16wZQQ7VOIG8c0xDU7e53pZTYQBo7I08IIVYMNiv8D5-7ef-Ld5ZWlFZhrKDiVP4MF5sws1btZbqo0zCNsTwpVOwf7fiioGHw1YQFVayNKtPGdiaN5hTxgmCvFrA39eTPCTqtlWk_Ignr3-whGvz4GeKcT-ipYeEIPKm-3AstQkWtq-5PHkSlbTx227G9_HoFeIm2qoaoAmv8YBky6gO2bvoV873RUk2oF5E1laD3Zal780j8_ih2CJheWAYEm83ZJ9lQPp8Ixp_SIDz8ak5knfQr3bkTLI0PrCU5o41FVJ6g&sai=AMfl-YQehtCfwp3cVbek5MjokQUtCTtfyqV9ZVjJSOd3k3qhDY3H2-H4Wi1DZ2smHSwPlbuEYioVrhk1L7rkMEJiOH2iHT9s0wM-Zo85-zWQQkD6XhHEuCY1k5OWHIf1oRY&sig=Cg0ArKJSzDfSPT7ZCZrPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 5E3B 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b078a887633e489bea3993a5932c0b2d4d4041adcfb43a0d0465e1d38c456c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
76Xk1EXrkJUayJj49AvYDsIhCYSBN0.J
content-encoding
br
last-modified
Wed, 27 Apr 2022 16:53:20 GMT
server
AmazonS3
age
2
etag
W/"74ae308b1903b82a57cbe469cd6941bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 29 Apr 2022 09:35:12 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
OCQ8hOMd_n3MjsR5EkJJpCge1SVqIxE83_2yJTz_IIxpbBG7hIucdQ==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 66E6 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=497314
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGg8RKbjhQEs0FGOcJuEmmiPB5yX8edNCOyxZ2q5TkUN%2BxTa48cM1KxIEX6Sop7LqDq0jI44PxaJrxDaDkucFlnKXIwSR6sZQtosBg3YSKwrJ5mihSii6FtN64I1b9GGZPYMEpD3rV5RyiAgI5B%2FMPGLew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd8897f374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0lbexzyizECHCcB
view
securepubads.g.doubleclick.net/pcs/ Frame 66E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMDQPHphEWBkLJLP_XRJyOwcFPbPP8vzs4bTOwSOI3EjmyPaJl7PJlsIoOa5FjQ0lTwkpKIfYNIUJR8ATt2es7LdcIGuN4m5d9N_iJ8UElvA6t5sYHTCpBKcHgSUTh6fDpR0xQ-szTFr2NGgCneoUd5YNzeqbwa5lBnDAMen2yDRPoDnqgrs_n4NROso4xSf8CTkZuv3dQ03V_RrfA_0pQPMw55HzZISD-LBMmh2HKFD3zMlAjJXR45dJi1Lk-3hsYhZumeu3BJzaBUP3lN027FP8oTNAX4futMgzumyfFo0NVh5VYZZBWuqvfBvgs9Uphy7Km5Ic&sai=AMfl-YTk7zrwX5rgpspMKoD4uRuJoC0-kU5tZy6hLIG_g5T09nz-cN1VpbJmbRn8TUCy34aBcSx0v1MDfrcpq-lJOgnEiigUrthZZBNRzf_JqQKVEdplCpwTr5R4ez9dW8M&sig=Cg0ArKJSzCnGf9_GkMzjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame CDE3 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=950898
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJhRekG0B2HlxitXuWe0K3vDjWj8b6%2BSFMoXkfaOq%2Bg8TrO%2FYQseB0mEqrIDX19xOgsODvgAPOR1raEOpxKWYJ79FOtLIKd26gBoWBF7ATYo2yWaRJU%2FIuPJCv7KbVVEr06SiY8r2T4yQfzoIJN%2FgR2T9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd8895e374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0nJl4AT0IEASZKS
view
securepubads.g.doubleclick.net/pcs/ Frame CDE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3-DWzbv2hHFr7rEH2dnfp2-Pz9AzNTtq_jnqPzcxsC7HOLGKjwPmZfubtDd3Pw_WklVgNgqtk5wdSSucoRK4TQiTfLiKlT89Z9ZkX_TcB8Xxn2gF8dKvqo_y7uYjwl_tWHoXXetnnXEaFRGmzEpZfT95jgPgoTkO6iytFTpXdVvdoovhetotKxb7Psdyn9ZXhXoHJogP4bzpu28eXXuOVeYN3QiTjC17sWqEEB26KilMjksEWCy7qss-u4MHwtajrRAfpqRx9T2QMBEGi8VKU3AQ90x68pZVZGFjn2MbNcJXMY-pz39-Si9lvzGN_PJ60LtqX-Q&sai=AMfl-YSPyw5tjNBOuSzOsAk2R8oU6HBW5krhXOyuefOznbjjU9hfmn-qq5vPlcMik1Uxl8xiP2ODnLvsHPdfkycD9x5lVPAKdGVUE8RhA3e8ZVB1_xrwQcNW5LoMN5Rhhxw&sig=Cg0ArKJSzK9MRDPotGNgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
zone
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame CDE3 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_1306139728&pid=0&fr=400&frlm=1&random=1306139728&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssr9d6MNAYkZfdJjbej7l3oYuJiM4zh45YV89iFf1xjwCveKoCpohGJRa1acmL3038eeGWfqXcdAmsGuxRMK4-Nnxa6C0k9vqyMM4iqB893BCNEeDcT6amHGuUOInhAjOgxZR-Wy_IeqmF5DX8Lk324ZeZJ1A_uq3NZ-HBW72cSyqYd_DjrAuhDsKXlh9hKvQs47szlEK4vjtjFXPlo2b5ZnRepElEsBL6k8HyDhuLzwHLmcCoRNXjhqMb8FnhkrLBtmEnH97P3EmSuq5Ptxf67GHRgg29m02SHlS1GydLhX1FJHS__Dg11Z7QmJbYs9BbVoQ&sai=AMfl-YTXd_4IgRqfEaTHgmGuLQ_f7b3Fn2Uu8SZH_kTG730Om8Pkbwn5K8oU0XJyBsM9j5ZUljQxJECg0JLO27D5KGfvJX43QhAUQ0qdsfHR86tJw9IrDWq3D5TyLnprfU0&sig=Cg0ArKJSzO0DVTWdAKEtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.255.62.202 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 3222 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=285612
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rt5NBMmdkZ%2FDHN8tKibu%2Fduk7KpLn5s3wKV%2BJywnDRWWTmEh%2Ff4eT1sa86TDXJAUWGkezAig6T2e4huvxm8AAX7zHQKE70oIKcc1wcKQu8HoncofBLcfW%2B53JDcaMhRBcIlsQiveF6ffmDkOo1Qz7ZkFAA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd88961374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0m6AhdWTwgAckER
view
securepubads.g.doubleclick.net/pcs/ Frame 3222 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssis_xOcLjW9zViUllDvySSTQaFlL8DSDGaCbTrzBsIHDZOHaHdACLXsu_IKTlnSPBgdAOG895uMJOzooBngRWkPYMrUACd5FkovFXhM_H7saiL2QQzFOUP2c_Pxny9CisLY2i_G7_Ve1SaY3tdFhOszPbDg67e8tLR_Imdq466tlnnfAqywR7Eucup6WItJBMfoYigE82Bbu3sh7VWX8tYl1mavsrokQvqTPgXjocxelS8zvbmLHEnriFZwz01wCzLXPxrovAFU8GXwyqAz6u5cZmbFBOKvPIwBZ8Tk0MFoc5QWqkK5A-hUj-wZTLKDrHUe9K_Mg&sai=AMfl-YT0tgsU62YLexL8PqTJjEXr7Xoy8qVEMpqsMe-yHu3wi-XOYmup1kvP7DUV03vrpJdP6AVIqBf4L4xqjMYQ739OLhHqeNrthAiJfQiGQ--t2LyQ14q3obIW249wu6U&sig=Cg0ArKJSzPPKPglGg1VQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 3222 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b078a887633e489bea3993a5932c0b2d4d4041adcfb43a0d0465e1d38c456c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
76Xk1EXrkJUayJj49AvYDsIhCYSBN0.J
content-encoding
br
last-modified
Wed, 27 Apr 2022 16:53:20 GMT
server
AmazonS3
age
2
etag
W/"74ae308b1903b82a57cbe469cd6941bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 29 Apr 2022 09:35:12 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
82dwi0ava8fqcwjAgFfF-yhUSJRsyV9DJS0_PSsSCskgp2d9Wq3eXg==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 8C97 		0
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1009492
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZx%2BX9G89kD3Qmgbyn06zkzHExRrIrQJwSFTtmzPqMEK51f0b950COe%2FfShlKxh0LXwRsW3b3iOBNJPAnVzLeuRCaBLj3lO%2BgzTPX%2BH3w3%2FmDQgensZtIEkj5%2Bm48aRfx4iWt%2BMmg%2FDgxBBkZxF0pYK1tg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bd88966374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT0k4w8nlBckAY23B
view
securepubads.g.doubleclick.net/pcs/ Frame 8C97 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGlJWbvOntDTh96FEcv14I0DyVlh7E4dBnCtTYqDYgfZwmRVtc1O2ui4FiO5t1qTT5ZVsYybIoXd_fL_J5KOc-wmrpTjUaCLbPllxDV7_zyq8Mbror-rGxbHmh7D_NMiluIDcneLywouQtxBJLEPzMpibP-gAWtuk2hN92to6bzNJ5uXItQx14P3trIGBZ-4YnlvRcALODog9Oiz8wYp3W6dst9QFoFe4WG-OcqZgT4h9Xok3eKKu24kx3h_AKRJ2T6FuCrl6KDlRJBSAwh00yeWhc3t5rbF25pyzZCacOznf76uGWmEn4_pa_XhzfQA-X9WNQY6NdOQ&sai=AMfl-YS99JSxsItE0jfTta-HVlEgC2Bl2ObBGS1RMfNDFf8uW2TtTXfYsMAOSNUSMBbh3VFDt7NNPyhWOhdCDeIbhUaQYXia4GnqfITQnGQzqFMHliVj16HIx8SY6YXBF84&sig=Cg0ArKJSzOCGc00_k1pJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
DH_u2aV3nGM
static.instiengage.com/content_images/unsplash/ Frame E7A4 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/DH_u2aV3nGM
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c7ce6670a68db054c11d55db68f98c431c425940cfcb87458815b228eda06ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
OPD5IjEK_RQs5scpJJKmiu0DyVpB9MId
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 14:56:07 GMT
server
AmazonS3
age
915
etag
"6e646c23949f532df113863a4b07c56c"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Fri, 29 Apr 2022 09:35:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2435707
x-amz-cf-id
MIa19FoR_YqWNUzdlpZsBL5Z1ZvsdruA4qJqm0twT5Nk0HW0m_96GA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ Frame E7A4 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v17/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:24:50 GMT
x-content-type-options
nosniff
age
137422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:24:50 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame E7A4 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
719880
cf-ray
70370bd8ae2be8eb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73852
x-amz-id-2
eMadl4c/O3qXzuDU3r+9hCZnNzepwx/YX+lspvxT7mes51R7BXCtcrXLiYBVsDMpPb5Xv9n2usA=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zdh7ZQNlavKf5%2F%2BEZcWzkNmovobIqH%2B6COIUsnMQdrxc98zbnNSXfEHII2DmF8z1JvLLVLKWxySfoisopjQG5kNgzQoAC7%2B8EuDn1CBPPz8BAnYlCS7BcER7PTFmtfJRCmYTP2Zntj8oz9y9CRh1g9j"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
TNG0BD85XT18HG6Q
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
4a2a849c-6fdd-4690-9103-15845f8cb087
https://www.staradvertiser.com/ Frame B9D0 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/4a2a849c-6fdd-4690-9103-15845f8cb087
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
767a31da-eca6-4b35-94fd-28a232eac6ff
https://www.staradvertiser.com/ Frame 1E52 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/767a31da-eca6-4b35-94fd-28a232eac6ff
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3108 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xVghobFfRrFAKMYyS8GrDdqvcXaQPXCkoDygFxd5qxNr2z03LANoWQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3108 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bu2l_bSJlLr3jmia_H86fFAdqC9f5DFq_0SQd5sjuFtcs9F6BPN1Gv0ZLTS5RBlPKOlPCB1nTcMh8l_gMIeIzxfvHlJMpxlzOVH13LBltyTz4lpOo
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3108 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3108 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3108 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 3108 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUnbh0xx6eZNd67ykibN2guobegA6hCsiz0mRJiCpaaOXndCM3H10HxZgOznyJCTItYk3SIclAIrVLvpPGy4OEw6Q8KQ
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 3108 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31g1qap8u3&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMSIsInkiOjMzMDcyMiwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0xIn19&sb=undefined&cb=5865607&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:13 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame 01DB 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:55:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:12 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 01DB 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
gS1w86m24kW-2iTUMdl_NftNKQ_nGk-02uumPX7YpWUIpcdPbwn4Rw==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 01DB 		2 KB
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:30:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 01DB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 01DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01DB 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 01DB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 01DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcF-DNQXphM3rP9OSeTwegAHgrBYN33H16CJwhmKJdhnbY8vVAiuFnS9pkPgqQbRIm_iI1
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
3c09399fce195357915a25abcce0a496.js
www.gstatic.com/mysidia/ Frame 01DB 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12188
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 23:28:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 07:48:45 GMT
css
fonts.googleapis.com/ Frame 2FE2 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:43:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:12 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2FE2 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
a6qHkx4IdbfZWZ9Mgb1weR1vAw3FsF-6oZT_4Lkb1ZL4MQwLFAFpxg==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2FE2 		2 KB
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:30:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 2FE2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2FE2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2FE2 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2FE2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 2FE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaThM7ZN4iVeYfEjkaVtyd_9p8hB5AIgOkFT8V2IDshOwan2g7YzSViYqPhbvHczaUOf3foc
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
3c09399fce195357915a25abcce0a496.js
www.gstatic.com/mysidia/ Frame 2FE2 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12188
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 23:28:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 07:48:45 GMT
06db7c16-1370-41a0-bd49-91248f8ceeb5
https://www.staradvertiser.com/ Frame 6A5D 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/06db7c16-1370-41a0-bd49-91248f8ceeb5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
6b86e8bf-6692-4ce5-8105-76c4e72001a9
https://www.staradvertiser.com/ Frame 5E3B 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/6b86e8bf-6692-4ce5-8105-76c4e72001a9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame AEBE 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
I-HI9yBTBZzo60iAyGyiCo5L12U3F2qy7FQ9qZJN_QcRI2iMAUT-cQ==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame AEBE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AEBE 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame AEBE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame AEBE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfHql1XNSjg6A85r3R8exT7SkvHhb46HL4_4hnP8bHr4Ty5TR696qO1_ufhe-AYdyiWfsb
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AEBE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Apr 2023 16:41:02 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame D162 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lVEGLXEKmpXHweMciFPbId8zTI2WiYF4ET-EbWeaEO5CTmIj1oGV6Q==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame D162 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D162 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame D162 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame D162 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoZK8ekdk0mG-olcyCIt4INDlSu05sdbj80iudqpLEdNk48ruNahrnsphC9yM3J1RjvjHN
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D162 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Apr 2023 16:41:02 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 1EEE 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2373
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EngZ7dYUn3HO7rrP_l9PCPvjyO7fmvwBTe-kdCpuRsmr9Zm1CcPnUQ==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 1EEE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1EEE 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 1EEE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 1EEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZOTcjLg_hLTwggAaUXsUb1STsdMncop-f0K27tT2d1T_v5Me8E4btDKwsUHC0I6l3pOMM
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1EEE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Apr 2023 16:41:02 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 38C9 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2374
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
iLn49TH15HG86L62dB-UUdgVgdGJ1P0aCX9qgXcYoEu9MZgs91OALQ==
c01c069f-be1f-47a1-a1ee-81d80d0d5f3f
https://www.staradvertiser.com/ Frame 66E6 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/c01c069f-be1f-47a1-a1ee-81d80d0d5f3f
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
0645b265-a518-4117-80e7-8b8afda2be0d
https://www.staradvertiser.com/ Frame CDE3 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/0645b265-a518-4117-80e7-8b8afda2be0d
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
c95368b7-1a8f-4ede-a6b6-40a98b406881
https://www.staradvertiser.com/ Frame 3222 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/c95368b7-1a8f-4ede-a6b6-40a98b406881
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
f68f6a74-0b99-4887-84f2-835ac0ee2528
https://www.staradvertiser.com/ Frame 8C97 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/f68f6a74-0b99-4887-84f2-835ac0ee2528
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 87C2 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2374
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lb6qyc_wuVNsx2Wbx7Bx-KbfJXaVGwva9PUJ_3AzGjp3CfDGinaESw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 87C2 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMeu4JUyUdntYHq4H7zG16MUIZrq1-5fbSuUdZN5YdRuTpTFKNOVSDNaILAmBNCQAE716e3vV_yNHbRJr2aH_D8Onk8eaBkBPhyrRIk_yFR5g2YM8
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 87C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 87C2 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 87C2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 37C0 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2374
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EGPgmebivBep2XxmKirXsY7eYp9Iwrkw6lSxBgctI1jaBu73hU7e-A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bw6RFqphrF-vQf70gsUUVs4sXQW3T1qCcB5ZTLMHS-BO1TcQ_Y67rp0toatR2_Vu6toywRrPiwtxXAwf7S3OfTmKOGfLNFWxKN9i4m8nmcNBHWVEo
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 37C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37C0 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 37C0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B9D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPyTHotoxydBVMHEP6rFAT7GhMT6x3une1U2xv-jxm5h67VCnxI1d9-29AbDGkTmGIvorEyPg-zKMdgR1dPZC5RWNAknYlXkAXiQd0OBXt1pVoYhJRnWnisZubk4LyKnjSJTb856wNNdEPQ11b7A_FoK3KKzJREiKaSvm4xogGUnzQ88F64wUVx0ypQRSZrgfTN4dc7POmZgMrBRmPXSrkf7y73VYbjpNCFnlSinEQiYz-xS2ggIGYf1f26_9YnmBXU9tmmqtqhznT64d2Nv3hlHbQ4eH9mBWdX22HlMeTw-a9npmiZ8SptTrXrZSSx4Q4kIFoF-cw4cfCDRtkL6sJS60OUw&sig=Cg0ArKJSzD2OnBTwTtXyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:13 GMT
truncated
/ Frame B9D0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f9d20bbbb11313d4609c06d5daa676809a24993966c02292d92c327576410ec

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1E52 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da4caa8b2aea08a79f746dbe84f3d8929e762f6c4f4bd0b2cc326e6b7478c76f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1E52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE8CqR30PF7attjGDoTJUHqI-PPXcK9mEncp_5ZKGmK8EUsFM0ZlENl5ehsj14eGCHFuJfZKdxPXc9LgHxzUCBpwrPCnJ-Lth3BgmDeBJAOCcrE4_1uCOTEpGMXoB4j5ufdAQajiUQDnojozwWZQQqtUkOBsRm_QxzvqrxhMO2YTCy-zSDaccdB4GdKtjo3zk_EyvPPwj1rz4y2oirU4dsT-f0Gxh8KpRn4o7F6oAWyZljAw6KG7QmZ4DFYq1ncUysnJazbmpYL7OJ2Ifnf20o5XzGfv7rVtYcmt6e3louN_PAaIbodA-7d04-tGcdg4kZLk5olYvBVZQjqmWesO5YaluA&sai=AMfl-YRSrdMjblvFUeGqytBmIDQxmtLuwsUc7AkxFYzw6gcgk_koVSO_IlYC4fMPnWVpMcwDvPgw4A1mCfHu3aGh6LGN7DOxFD7RddK8R_CxQg3mVivqqFGnI8W4QXcPp0k&sig=Cg0ArKJSzIXXEX0qRTj7EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:13 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 8BF1 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:20:05 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
age
4508
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Y8eMUd4ivkk6rWs75RYDTIXCsEAE1yZco7JZp23W-wbYGp9B_3nztA==
bid
c.amazon-adsystem.com/e/dtb/ Frame 8BF1 		23 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=dye0Oebk0MJsB&cb=0&ws=728x90&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%2267473%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=1&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
4K804G6NEN2YAPSMADDV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
JJ6c91a3w0s1DrzrYVnVkfCpTQPubNnAoFvaWxAKoJ6n7jFfYlaJVw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8BF1 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6A5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8xBlsvRDed_pXQLu1d23cRD5i8IZyhVnWfD2t0icK3GjrNy3p1j52EesjLe3hKbTh8yOJiIhYssmLFSqhMSAw4IxrxxQP_gCLa9dLM4__F0PugiXdx4dv34BqsTtKeNPx1IExwr4jJRnFLOMnAV4yoMJ4Xj4jgScCh4TiZj05ORhX0lmGqGBs0sxhEeYD-Ld7AogyC1DoHtsan0UcsMJqcTXN-mGpm8kvPKnMIUsvK1uF2mXkpAZjXCBhOggBZy3GAmK6Tch37PV8Heb0HAOkTRMQrRNKdCgy3lDqOG8Tb2N0MmKNOs0a2_HpoloIg9CNuLI&sai=AMfl-YQ8j7n6m-TpylU93LBE7Jpi-y6gn6ezbIorCE40HO2e9wJ5Mf4cErJveGZRRBaU1MetPLevkIpZFS6ZYwGQZHWB_sDx1YsvIu_UaryVHBa0OAB-VK4_8Am67yyEYHw&sig=Cg0ArKJSzJ6vFHwWqkoHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:13 GMT
truncated
/ Frame 6A5D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afe919bed467e2c393a9be950f96f68cd989e9b138749084e5e7ec8dfd6d69a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E3B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4698b4a96bb1168e1aaa19bb26977135bfc517e2a03bc96ed7a198814238e9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
post
tag.escalated.io/ 		31 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a2289d15e4b9364f534f7843fd9df373fcc3c9a41dbf5706e5603e4a096a6caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Apr 2022 09:35:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
truncated
/ Frame CDE3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3623590c6cb327d573341fcd7bd11893ac0ea6a62ceebccef73fac7ec7738f19

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 66E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX4KJaF5ActsRhxZ8t53J2yiDBOmLKxmcWrMnyWetVP5a72J0EM2_pmhhq0HsDbIGLNg5rLRSF2MqIBkisZSwiO48bmR1ma_5A0CL0D-YMhZPPp26VWeET2uVJyhOcl28LKiSD2CBRvDZwuaFPx_UXBiLwzs-51lGKWJDsgvw0kJuiED93uZXs_X0S-Ag-W92_kr3BxVdSyVnpFdrW_Jxswl5iuP6luf2xQdHXKjtttGEltS7dsGi42VoP41rxCvIyf5wlaE0XfgbA0TYvq8hAIDz5zso5RBy2Dn24eMweMKT2ttvoKFb6U2SZHZwwsBOEleV6PKCDTQ&sai=AMfl-YSpk9iLThI_kYnsku0A93QlhNDbsEqZyuALMLUcb3GmJeJEQywVjXA8QCI-snRnSdNFz6KSHVhcut0lRsXJ6u0T5GAiLwry_vrmjJ5CsrG4TXbdyYf8ApVT9gMIYLE&sig=Cg0ArKJSzH-_DsJIr3KJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:13 GMT
truncated
/ Frame 66E6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15e25cd0ae9b52d5a1d1df19dc9e3ad6e5bbce6814716976968c55054e035c6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3222 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5790c964015d7b569677083d7d72c6b94473b6f6d191ac09c0d8367c7f706867

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8C97 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCb6t3SCKyLd2ee-d4uhPxAUG19ryQQ6HPVOU2CCFQSvqtTwIslvibkaurkzgNqD6wTu69AmhVbLm77dWRMXJ3dKwUm8RxSJhoCeY6cBTrD2xJHfcOQaul72X9dp_sTAY1xzWr_t61Lk1Bx-n9QUgk2m0b52yUqGXT5JWXzBGk-iPLW90di_jdrmU5BZhRF7zXofGF5H_pDcNILNVzmSzF5HKRWUZ3X3LiyKFKYDg9gfodapB4RLRc4rLhthAQgM6hajrJMXzWOsPREJwIlr-8VrswcxSE25hGm22hJzERkbEQdeuORqmS9LyXA0xMDgqK4Q-lzl4_yC83&sai=AMfl-YT4P7Ge5k-Fii-Xa1U-mnZSnahe17ej0PGaU_USLgt4dyKX1cf92WJs-uoLvhiOOWdlmvO11BAuY1pP12v5lTtVce52cBMYxyHflTIvFSBpVCx4UxSQIlaMvocTjQY&sig=Cg0ArKJSzB1LfO_xVQb_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:13 GMT
truncated
/ Frame 8C97 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b9afa35ed543cc9634428b704769e417125e768c2f699389f514a3287c02104

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 8BF1 		0
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=1497013893.1651224909&jid=734970911&_u=KEFAAEABAAAAAC~&z=1799436327
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=1497013893.1651224909&jid=734970911&_u=KEFAAEABAAAAAC~&z=1799436327
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 3108 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=770010
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BSLLJqWgoJuc7ECOpLokk6cPOsQWNjZzdNoX%2B4lYc1tkJUNGNTxVwd%2Fuxkb4EndiLmq%2FgMBl7PzpRLpcxHdDedQO3h4S9jqUKEn199sM%2B1Oy0ulmPnvgs5ZIZfEFL%2BZ3mbr1zZY0ZuJ5lvSYq0Pv1N3Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bdf2f0a374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT4Hx5DcitxwB76KR
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 01DB 		0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=109572
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD2py5Av032lX0Wi96NIB%2B4yM1Vy%2BGz59VxwPugz9E8ey38BpnJOheHrFwYnff7LGBpHkhOb%2FdolQVu5kmb%2BnMqyLb34zDZQKKfrzefHOfIMAyIkvZ%2FzHjHtmC3gIWRSZd6gUB2KEXc767QrAOktm%2FZ79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bdf6f99374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT4VZuXr0xBwADNKR
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 2FE2 		0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1010174
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjZ%2FYm2Ad6qK4ri0MmIJqwbG3QUX1SIk%2BC52PeSyRYZNiJJwkouF%2FcVQ94qDl2oCNX4UuoXdAMhvYb4KC%2B1246GRCQB6NNvah1vXkKYH59twC%2B8V%2Bi%2BOQUlqbHqodnwScDgNrLK5wPr7i9B3cjD8%2BbadjA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370be08a78374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT49NjuIut14ANuzC
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame AEBE 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=455449
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6qI55tynl822TxIJLTnKusz4gL7O%2B2hbPCRHntJq8cPYGweM2ATaAT%2FcX%2F%2Fm4kczfgl4Xmkc2%2Fd9haUNo0VcuW1fuKomISeW6s0pVrFeP1l9QPIqkabFIoEqd%2FYfGQG1HdeBAIHL3YPXRLNohhhUNeScQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370be13c23374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT5XL33hT4iQAE5yh
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame D162 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=956842
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN1z%2BIkRyt0MdhaaNpqmYD2S5wJ%2Bm6fmWfDrSS3GLC391gyADgbx9vjoVd3VbptAtPqIG3%2BaUPnRZvp4sdF17o8zQIsuBdGJTEhX7ZdgPy1EPx%2B0NdKELwyL0HKd4EscocvkwIo2xXSqi4o1vQ8obuMnYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370be17cb6374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT5hnPTJKZSIAbO6R
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 5E3B 		134 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e2b9fc79630f4a0887f5bb50562844cef96bd421455a15f15bd40dacc967b75

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
c0qlFBbhXKpZGMBahavcGkHzI4brbVVO
content-encoding
br
last-modified
Thu, 28 Apr 2022 19:13:36 GMT
server
AmazonS3
age
20
etag
W/"00b9f81afffaa3af0d6f644d2a9e8a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 29 Apr 2022 09:35:09 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
auPWPbkKjqCZqO3Iycnu0NEGcNU6GU9JL949PtMnaURpdBOJf-R0lQ==
index.html
auth.instiengage.com/auth/ Frame 7EBC 		73 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
176
content-length
73
content-type
text/html
date
Fri, 29 Apr 2022 09:32:18 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-id
r17riCOu8A0NZReUfM-5UUPgfjL9j2_h7gAVCXWmGWtQtpc_J6uBEQ==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame CDE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts4gxqPmX0sMCpXP_rChryrleS0pDUr-dPCWL4d_-FfvnPXmKjhreteAQMwvphtlXbi5DVQIxymKvezYq_6TfBylMtVzLdy9P2g-wPinR4AMKcxC5P4sqYi7_LEgsJzDEtllDT5W_TWv_nEOOqqY0tpKNTHqmXvPZd6DP49ZlKMbyyuKkPomVKrTmnZWEfQbVU_dlTSc8HUovn7NozVnehfHJhBLx4AYbb88WQ4hQ8PJEKWtlnNcTcJxzv3oIKV5EkaYDyWWLNm3LgpfKNv81Y2YPM8BQ6_pflGkaR1kmWm1TTE7S6KrQHdGuRbqP8wW5PwJGnexkj&sai=AMfl-YRDCnYB5lHbddq2NHP3zkeY_Tjv405J6QDOSkXY4972xuMKhRPWVI96FMeejO-yeDcfhTwBqTpeKNqGJMPNdJ91hPHKWtXZ1SwC2lia1Mtg5iK_Pz5gQ7omuN9tNuM&sig=Cg0ArKJSzPHhmJsbPj6MEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:13 GMT
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 3222 		134 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e2b9fc79630f4a0887f5bb50562844cef96bd421455a15f15bd40dacc967b75

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
c0qlFBbhXKpZGMBahavcGkHzI4brbVVO
content-encoding
br
last-modified
Thu, 28 Apr 2022 19:13:36 GMT
server
AmazonS3
age
20
etag
W/"00b9f81afffaa3af0d6f644d2a9e8a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 29 Apr 2022 09:35:09 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hu1a59A_7Yo7DfILeApPhINfWzvPazW-6uDLY_4E14vqgKkXExpnBg==
index.html
auth.instiengage.com/auth/ Frame 48CE 		73 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
176
content-length
73
content-type
text/html
date
Fri, 29 Apr 2022 09:32:18 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-id
BqHA0ef0A29JPUBeN3R6x5AAABTwOfxrVIumdyHXjAZ2Gbve6_crWA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
event
event.instiengage.com/v1/ Frame E7A4 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:13 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 29 Apr 2022 09:35:13 GMT
vary
Origin
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 1EEE 		0
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=676199
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNXZ7aLxipo3GTbS8OjIwZ6tr6msYCQB0hzibRj1qKuY4XriArUn03rNjR6zf6wpstkvhRhgaHcWBlEpsWdZ6t4XR61EK6mdLRwQ1aiuzxzWqVMDtr%2FKN6EBSIsA%2Bk%2B7vYzrHsj6Pxq1AgvDTEr5IyBhaw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370be1ed90374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT5xErkxnA0wAVyqh
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 38C9 		0
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=263569
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZUIxEHiXMi8FX9FXovO6bDO8Y40ijvlnr1p8IJLloygvoiU07tYEu7lF%2BK55rOtyyqiNAyKn3n1vg%2BLmcMXgbzOF9JBtm6h0rLBVVT%2FN2Jnm2hGLQcn6QrUPeofp4IUwmN00qQkfrOyEAxwGAjPMaXgiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370bde7d64374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT3u-me_zTiAADNIx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 87C2 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=517323
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVlSlvQFo%2FQAQYdsBL41lMDKZCEkvUWE8PT3kOjLYQqoh6lrNziz6K2rFFlD36CWLthccFWPRMcLF5EG4Oakfno1UDpFIOoTuRuQwy1pMGiQHLaqtjsmkc8ltGu4PYyZcRj58sKo3AWqlXLPQN0P%2BtY9mA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370be2af42374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT6OcmyrwCMQA_6IS
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 37C0 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=866417
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HaumWaF7C%2FRgAbuGp7imwWV9jbA1m8%2BNBzPspv6PULujMz0QoDeyRlXRbWWpLRtLpIDVWpQOdyaPTYRgH%2FIUrsyUgRaVHCwNi9gsWb0H%2BSCv0%2BRB83K%2Bi0tlduVeBaBnWSw8R9fDwxvZplimr%2BE67R2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370be2efae374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUT6XBo6he274AY3Qh
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDk5MkQxRTgtMkM3Ni00NjIxLUIyRDMtMUNBMUZFN0FCMTYw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 29 Apr 2022 01:25:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:342
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
5bce6239-f981-4b6e-a1ab-7bc1655df8a8
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 3108 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/5bce6239-f981-4b6e-a1ab-7bc1655df8a8
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6510 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGODkscQBMAE&v=APEucNUkFK6K7dLzC7L_5tjcM0ZOwJtIKMyxQVl2AkivBRDOd6ghWudRFqsd_Xof3elu8cV_0C_s6ZDAWt4k1yG5FWmsmhKv0RiqgjmMcIf9GNkyWAmNHjNbHUWmkfLhkM6tgdrhCpprkSBpIhhIEq9QI4S0JO2-1duykfmzmg6AIHVqrRyptuc
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:13 GMT
expires
Fri, 29 Apr 2022 09:35:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3108 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-NH_Hb7jfVcuPGuUlBcBhKdR9B2mkZGNMyVnnzHM0w1trDRBJLDwByA3FTyULxPA2djSbtdu-V8HjGqbuQuhD82La8Q&cry=1&dbm_d=AKAmf-AV0hpkJUecEa8vADD-SPALvotp-5VyEpw8lV6b743tCX-JTi3xq9umZ3FKh-ri0cUz80m9v7rTvCRufOQJ_49Jz3WfDRNFVl4ogqGf5JwBP5BKAraV-UZ7z36FtedC_Dp_Yvpeome-sX_J5fsAh24ajASMxNPWN7pN5nk9-8zSMcVaX0_Wj8xBq6esLDXXa8PNVqArHAFpuGH2MCccjAMY7MHZU4xyBYPzVgdoPpguwj0Cjl6VLG1KFAACdCq7oRcGN9mFOMFMfv_ahWq_d18aiIrgcecb8eB_7Tv9sAxaY5iX9SnEQtm8AI6xahjiyN6su2p7RX5jmzbn3TjoL4tjoOwQUTGekTXJTiiu8yQQka63UXAwFLDqTpVhxfNkOGbkHfHQcZFHOEh6jUfn3q24KBVOJaYHUKYchJRuFvjn1gEpvLZ1MABJyLK8q4cw5qUupIViOExNrq9pTXVVoq0CVfOigFvnFdLK2alfCBSKus_7b_62EzotN5PE0ZXYUmRpaU35gR20XM6PARc1BI7D-s95o_DXeZla6v4VYhUsIFnS-GMwaT-Wc4leZY1UbRqCQ-PH9nF4F0jQJ96VmEogjxdmaoigPbE7Q3FoUfK6hNUcgU54cZDvPbZrg0Ixxu0-aLfWVaU2g5CuDtGiUlphgy1nHqog5ZW5dKD8lgNHAIfNnmTbu-0rHCwzvvPDCRUPwnAnC25A1bl0iSMAzdYBPJQrDnFGI-utVlMqPVXH3ISxmfMf9zYpRNElESdysGoPXDcnaJO9HZbFx-HpZGftMhMEkdXGrXWMCjwgH7AmL5e07u02obahZxvZR4iol_mcElMAVlCuBY5AH5SbjlJ0qdGKILForME7B0KQajzVExHpXWa8iB30KeN1_FylD9iTCjea5-dSxSOfAV17CdrY-2EETwGLACm1mEROqu6FIBEDxWd5ryLaS-jo7cx1sTUH4_7BFG0u2htH2z4fWn7UJcmCSdtGPqeBArEkbkeicRRC_TAkbYrCaPSOB_-KI_i7PkKO9tg1WRPZUAYq8DmXNsLoYaewAI0Em1U5K-EMSsZ_a0dSvMRisqOiWrdSotYHBVhy13VDDDGptSlCzOZjzLvKKZ9Q9Mu5FUOTzxq_YRTqkfJPoCoHcIYkXmPo-vGyo4MyHnvsizDSzbjhtdGEEpNsurcLUBudDnYQkoGpBx22AqOfEkSAjpq8QSIkb7pQpY0Jt_YX8yp__U0KTOhkJqd9GNMJOdXvjiOWmamAzmBhh0gdniwDV-7PvuPPf5PejNhG_3Rif-2DCwjE5BqHIUgB3qN0RGdR0iUZjS1rLT3isaTfHJXzkZC3_pxOOJKit0wAtBYcnyttIupOVnJiwbTszNg7uhIS5rMzimxZ5wVY3w9-d1DFO_4pJv1inzVfrd0KXR3DhmH5IOQT6b6n1moiJFeloJN0xWlCZIP5gZsSLKGtBCcTR_s0ERbIToWltX21RVI19drhAFVqo43ieSLsEiNqUEsTghSZ232OIvChzz5uP5aKbPjMi6ilXIOqm0b1kkLhlheoqBuW7jSpabgmVFJ6N6KGoH7OLCTvvsUVAABaSK7gQlPN9OaasZuLgGKZI797SUeGLMfn6KVRiKe0LSWIexsqAYeoDJh0eG0KMdA34NR77ihp3L5sN1i3yYWgXZi9uwEveRLyxlXlMssGUrkdoqH1hUdwySUJfslLTdmd9VHuvi70_e8B8tnKkfLCaY8uPEN8SvUQDzs3vO-fFgqa8XCx_al2_eyP6R7Gr2jtCEMuL9a3rAerY4q8X9zmAE1-htNj62SSAgJmLV8Dc672yere1oPy6jKENbSl8EUTqNCmCW0kvD3QgQUA1-avOlt_42s2uSqHV1xpjtWTEizQPF4XmlmdySsdVmCmwZ0XbHFs4NuDb7AURzuHLGEmdoJaCyrLtNcygaT97U4e8QYrwkrNkwnxzOMqoD8eEzXaWO1vwawNNbGxB_eE3P3K4YSQn14IQxTKkAWJT2J14X5ifVHS8ZVvnu_f9aPFWaqYomqfaxum3N1R4sd-9lQjRcv6VAbIeNpUQR7NEhhA_cdKIp4OiOGjRZikOi8wlFJX2efACRfrFJxVbxGRdWe-Tt8DDxciPV-BlNBzGWOHOydPwKzkB98SDazBumMw7tDD8Orcw79rpn3JJp-AeiSQlEV9ABdWcV3vA_6ERYN3HR6DR-kvtq85xKmp3FveN8lVjqgjickinvUenz-KWm5vTqCp4MVwJc05Eaqzl_xSK8YM9qKzA4-2hyTTIOXEGeYAeW6ymW2mvGZRr8CQwPVyB908QyUISVHpPtX7GjjW7VQ0SFBWruIqKAJCiGKN94tRO-grnV_TtNnFeGrklSQgKYe6xemOMebPq0mJyup4EQ_smgI4_aOn2j279mU7AarlncR5fdEhJ5QIFg1oFPfMh_lXjxdGHAbrmx_1UGaXeKJibnXHxO7pGAXLBPJjuPSvYWxagXXntc3wwoBwT443ui4i81Q1YdB9g5W6GRHz-nJ-XAiiyDgwGIKAaraIVquG7mtAqmHyKIp7M3wGqt7PmkqdYEQZrDYGBcCgxUhGt9g1R9xQDyI83Tx5u64if9JO6_L3EUbIUFHwOo-Ivi-381rquV4RgRREpQ3Ibi7zJwFLvS1yTiW6MyyLYIyVE5SooeCDmd3HiFwD6Kc43PA_W_WA3pLfe53pZXDXWXb9Vaa3zjNt1oB2rvNq9tLH0uLUePcL5BKMlaRuSxVsjtLaaLuXc3IGtWtvl4hxxbXbARsYPetv5EH4_xp5tLViSc2u_yZbFw4yonJl10TP1qlKEdKPF38QTWJyrCqdJsmaY6BlPUuYhtrIVd3ihNrnTeFeTBAmRZw3MKWWnd2fCEpNF5ecqY4XjoB6C0uqnoWEf_64dAxVJS7uICGrg5YA-ofusSbqg2VUbUVUjYprT9f9Jil3EGW5UVTmPSFM2diMA2Ov5AurnswozAWCkuqxueMd2MwgItrgPNE7YTG9AgTrH8zy1FySUXE0afWDWXTImv21g6cCrRRZhLvUeor5ZCO6c3eYUPLFoiW-1j_8R7a0RPR5YSO4EUXbBU44V7-8FiSDCDflBJ2V3BcDXpW0YFIeTYjzXvej3eL6IscMhfcxy1YCcEHma3F_JGc58oMiOTwq5eDfi1N9-LXK1mHqtiE&cid=CAASJeRoaAwZcCwgIMrB9_s0GMnBkARskRn7fhD7Tnn4xLu2-yC9xaM&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b01553d1ae1d88e824bfecb2048b0bc81e333cbcf191c98498c9d82bb83a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
39981a27-8606-49f2-b246-f340111ff0f3
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 01DB 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/39981a27-8606-49f2-b246-f340111ff0f3
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 01DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSBe8TrFrYtHMIdP67_UPo8y_gAXh4OHqafnV7uTrD4OmstHrARABILmOkB9gu4aAgNAKoAGr68jFA8gBCakCorsHpF_4tD7gAgCoAwHIA8sEqgSTAk_QSP2Hrw-9_sM74CkkHgQsMrP49XaIBRgAu5iYJXTFb23D-ZnpLELCqtl--r9SQtyOSijTzA7TLzAcQOthPyp6C3ko_i9A5i5EA2nU9W5_kBd9pBWEln-8ORCltnmIPmqrLnZUFubVzT8IgP5i83gP4FyaXtR82Qb4vMO72g7q1zKBw4LbV8gwp21gIJuvcsLlVrbGWeXpjgYUog6Ponx6NAHsbrg7oFZtwpXuHrRFbHXoSbkjTGIrtJ1OdQSm8ZHIsJWsQ-mThkVpfvNqXbSG0zmKcghloIc9UvNDc-Gjqovyq5Yr4QmUZPELcXAYJp5W6tH46V93axdBa-2cJ2WnmQK55Win_4E3nu2ZIhpiDZ7MwASt8O6S7gPgBAGSBQQIBBgBkgUECAUYBKAGLoAHguuzMKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMehBdIICQiI4YBwEAEYHYAKA8gLAZgM4aquqYMEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=IPsNGPBLjOA&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
7651774895797135129
tpc.googlesyndication.com/simgad/ Frame 01DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7651774895797135129?w=100&h=100
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5481a6df70d9dbaf53b9b031ca30febb0ad0e1526a44b9b838ff9ebbf3352fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 23:22:26 GMT
x-content-type-options
nosniff
age
123167
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3035
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:04:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 23:22:26 GMT
truncated
/ Frame 01DB 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 01DB 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
e7730d13-a0f0-421d-97d4-8c2f82580b1f
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 2FE2 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/e7730d13-a0f0-421d-97d4-8c2f82580b1f
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 2FE2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDCktTrFrYtPMIdP67_UPo8y_gAXh4OHqafnV7uTrD4OmstHrARABILmOkB9gu4aAgNAKoAGr68jFA8gBCakCorsHpF_4tD7gAgCoAwHIA8sEqgSWAk_QnKS3JyoyAturOFS86-eO7zDmZ22vOPiLyOMAmXKOUfiiYs4FWzshbTtjH_KSICfS89DH8VdSMHGW-TlSay5qJmv6cciY4CxEuhIo6kz1aVf9W_SkKy2EdeqM5mmU1H2HdApndAIHIiBsVmsfVdVZY8Gx1MCNBsVL5DH3xNjRcnBWQdS8uym3IhslMJZwM0i-UA2hv5hv_vIq49RujlFoJnuK6svwMWizZ_HMAWFpG2A5-h9OUoWA2GiViMJncOMAYcrfHRlCf9FFME22zkZaKt_6Ol2EMrxcTmGax5xB9e5SbZFbPS8HZKXS7NzBfTvC2Mdmupe8c0iSHoRuZF5_oT-aGgpToEJkPfVKbiH7Z0fSKh1iwASt8O6S7gPgBAGgBi6AB4LrszCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDd9QXSCAkIiOGAcBABGB2ACgPICwGYDOGqrqmDBLgTgwTYEw7QFQGAFwGyFx4KHAgAEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=HpgqbdkwPhM&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2dc47a73f81502d1fa622236090b445485f3a153e20e3f358af11932c3bbcd62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28748
x-xss-protection
0
server
sffe
etag
"1199 / 887 of 1000 / last-modified: 1651183562"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Apr 2022 09:35:14 GMT
7651774895797135129
tpc.googlesyndication.com/simgad/ Frame 2FE2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7651774895797135129?w=100&h=100
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5481a6df70d9dbaf53b9b031ca30febb0ad0e1526a44b9b838ff9ebbf3352fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 23:22:26 GMT
x-content-type-options
nosniff
age
123168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3035
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:04:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 23:22:26 GMT
truncated
/ Frame 2FE2 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FE2 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
0b235ad3-1175-4922-be42-668ec52bdb8f
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame AEBE 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/0b235ad3-1175-4922-be42-668ec52bdb8f
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame AEBE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8A82TrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIcCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbG5MoGLvUVlZotyHOD1DmKbDQ8ui7feIgGMobjl3JN7yTcO-p4qbgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=ria4oR3hNeU&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame AEBE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k7usEoo12AVah_pXGAIAAADPvLLazY0yMLNhggnRORSoEE2xa2LuANuBhqFgocpROQASAAA&wp=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
server-processing-duration-in-ticks
214412
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D063 		42 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c01c7ea41386c8affcc3cc181df5ecfe9f2b06b81833af635b9aa25388ca633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uAGUpCCe63pgJS8mTFgcf1rbmnFaZoLtvicwa73KERerQnW6TlS9amH9V8tcMZ2f7OGiJfmwHqzYjn1KNmRFIcAWmNIdHTieaw09CKuM6uC7YvCZBkEs_dtKV8Y3ejv9bU6zV9lvbMJiUXN3xt4d-PCBgGSDUWVYx-S2JCvs030VRQKaM2wffcaaREndTmLkSqwzWjtRxFna8R_RL-50zZDxJeE42tr2IFiMm-5cBxf0o8EuoVFwqtxarPwW_avzXlOtD6wo6y1KU6Cb"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
17530941
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
3233c4bd-98f0-46e8-9891-f8a02939e94d
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame D162 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/3233c4bd-98f0-46e8-9891-f8a02939e94d
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame D162 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTVaoTrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIcCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv6rewqHV-_C6VXTWk06jwgqb9rQH6-izjVOslp0LwK2y4EiSI-9DngBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=n0EB4ta3v8I&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame D162 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k7usEoo12AVah_pXGAIAAADPvLLazY0yMLNhggnRORSoEE6xa2IGzGwAcQZeAV8jpgASAAA&wp=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:13 GMT
server
Kestrel
server-processing-duration-in-ticks
272565
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1429 		47 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
367e8ed7b3d5076def16d1863cc2b16a1ff3ce579e3e5644132ed5bada59db6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:14 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=eK-rkCCe63pgJS8m4IJag35X8gHL_pLtTYORLtOJaCXq3wNdcxEIU5Z46kK_UNG-ra8P8CU1w-DlkJkJemCJimeeESl4zddAEnSvTDD7obm00gJ0hEn65p-3ihJxwFfmSrOsojdLommBV_O4U_iRWcivtCClbpHsPjVKq7IV0Z_5BAeWofmYhHkneKRDYZAhpoGrsZ3YXnWReZFUTBI7M8bm3Xy9ogUO5mdZlJDTzQGi_oKpEHi66nNjaFOsCDtOaI_h0bIHdNqJur_K"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2775081
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
event
event.instiengage.com/v1/ Frame E7A4 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-content-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:14 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-content-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 29 Apr 2022 09:35:14 GMT
vary
Origin
7f5a9c58-81fa-4d84-8eb6-0750daba3fc4
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 1EEE 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/7f5a9c58-81fa-4d84-8eb6-0750daba3fc4
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 1EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDNCkTrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIcCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQrE_f_LIUJMNjcdCTTZ8FAjrcK-WFiNjIuZe6MH10BuL9tmJMOeXgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=I3lYjo-h9LI&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 1EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k7usEoo12AVah_pXGAIAAADPvLLazY0yMLNhggnRORSoEE6xa2J5rdFFcIDob1z6UgASAAA&wp=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
server-processing-duration-in-ticks
234436
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1D71 		44 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a58aea6180e81604ab9a58508d196d1102e6ba7cde05036b2efb295f0a0cec3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=tkEF4CCe63pgJS8m3v-wxwCkFa91hA9_5e2Fo9YVS6IBwb0kmTod2ZDCWkC7MgZ656jKQ2u8jsRxGvnq1i8RU6IBkYwkGdYm5e9BW91QqD5T-WN7QggXKTnMg-wL4NTfoA7YviKDHOvy2g6WRXpRp2UqDmHgKjUzRYIKiSUfmq5gqUwG973LswdUdnunupoc_JZCJ8OLPe4k56GiioOX33JtPDdvsRs1zdBsoNaofPuZ2s2QmYGloUTnlZKzeNryBslOn-P0-XVqXIzd"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4932192
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
a573e64f-d4e6-4b0a-8c43-9d4d34f900c8
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 38C9 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/a573e64f-d4e6-4b0a-8c43-9d4d34f900c8
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 65A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJVOLTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIsCT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLSyKFpejytV6-sTZ7a3limYV6JJgdqDfoKAInfU5yV_cRTMR_-q14AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=_YmCbH9VTfo&uach_m=[UACH]&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 65A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k4TRDpmhCNwBWof6VxgCAAAAr-76pJstONSzYYIJ0TkUqBBOsWtioV1NJnz4fO8DiLcAEgAA&wp=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
server-processing-duration-in-ticks
403435
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4E94 		84 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
884a0619fc9ea8ee4ca2254a8704d2068d6ca530c931e8e75057334786ef74e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fRC3RiCe63pgJS8mzm0cqsyVMG350J6XqNz1lEJXg2CQmval4AZtkekCz_MmvEchMTA9aKT2_VZK2uvyqJyLRrgu5wmtlS5qLDJ6bCR51KV_lui8ma5jYqdjvB_kiCYPFtuUOuaZblaGnEHuUeovTZp9s-TSF_yqYMYvJjV_D1-OKtVdamQHtoR4MvpxxBBX6lIzcFfQdDVsXChl4ZVkij9C3TTWCJn9SFz6B7lgKmCw7u8fmPL9UyfRBR9j5Msu37KhyyHVsyg6WG6r"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
24664628
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 65A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 65A2 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 65A2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 65A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDKNbj8k2JsE-j01j6TPn-b4FXn9WJ8mqW1Dx7fHRVD81JxVR-SjiCNQD8_Uv4o3tJKRy5
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 65A2 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Apr 2023 16:41:02 GMT
2d7ed3b7-9d3c-4eab-afcc-cc0a0bc1eb8e
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 87C2 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/2d7ed3b7-9d3c-4eab-afcc-cc0a0bc1eb8e
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame B363 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEPPg0pcDGLjPssgBMAE&v=APEucNXl2X7PLz_dcHue4VPhkcHs_Ohmp0AxeOfuo2HvU4FRF-xJwy2cFeC440HXitF7xo-o7S8bz47A3jU6EngGLUIT9UvIzg
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 87C2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:30:28 GMT
2586868420077012569
s0.2mdn.net/simgad/ Frame 87C2 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2586868420077012569
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84cf6138b6651f78fa922a2af3aaa49dea2278515197cc9de9d68457851fd77b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 19:40:30 GMT
x-content-type-options
nosniff
age
395684
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107297
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 13:39:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 19:40:30 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 87C2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 08:59:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 87C2 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqsajlcAyCgQB3AnkV_MYx2lEWU0XHc4epIhSFWSQwLu-cBGrJHooZkdTaIbBaMLjfouAUV6IGs83B8bg7nz82Z4mpdHm62dCl-IqLL3VHw7H4Vop9f42tgWn4adiBe5WLQjSMsFFlJTVrdlQhiK-KZniQnfBFJbmRyN8JouV7Hra8fb3IZBzdRodlnVCVLd8izmncJY3NeWkBXfYElfq1R5WOkKLF3Lu4CALSX2_jgnFgz2DExuwOzSU5OyvW1D0ziFzyNclzu7t5mgerovJSpOgDc-5wbsIbryv2vgLF2qW7Qrv0pEdPY3zHIqsWaxnu0UHTVDbjXoskBrDFBX5JX7NetzFa1l_6elV-qarkcqJZ6TEnsysj8QVVdU7ZUatYlQtis7pRoLZORBWTLkCV4--Cuf5U7gAQ6SRpyhdIzRcfPn2LGtXL4_wZIqECSqK_sPxsixN1H4IuBdn4xMB5Aw2dsQ62fnxAvvwXWDyU4QFOoTypNAuVw0WJ82BrkqP5FxXWKBGezYpphetb5nKQ0R6D4wDdNk22BAwtT_Zwjeg48oXZzsjOW8jy94rWpSx8LRQChenc-AMpX955BV7xKhgXIqNXCJ4bZecKGRRthBPzvHOdT_LDYb9XOpVPhV1sXe_RiokF3NscClHQZIxU7C3s4kI9vYUfNTOssxL2FTPSGpapRG5Sqj-F5mFXBkZVW1TpZE8PZdai6_RBUPgUXMli09pn0jlYcMqe4mPz1wJi1blNb5FiXXRtfwZrtNhXpETlYftQjx7S8JaTzkMBf1Y4om-B0xKjUz5QE3Gf5b0BLRrBqAzHr1wl-NR52mK1Cg674W4f7usdxwGARxD9iAXRR2jQv1jn2qu6P6y1LTGhkDca4pTenD4LKATxOpELuG3ES1AAZrY3suODEnmd9pOWMqlFD61fSrQ_SuxgT7MWZrRA8l0nJteXnltdfZI7TJqfvDzjToO-gxMrPGZTc8To3E0ldGsSos8zeL_a25acuIic3RVZOKaWM2WMWyeZQKgiPxoe0pcRaa5tMRXzABWXZeK87-USnr3foLUznwDXSZIoiHY7C5a-vM-C7iR5wHda7iVJmoHSIdQIGmfqnBwpNS0GI_P4nAQ3lRH2UUOJitea8U8_p8RljT2YrGSLwpE6KOUY5isE4v_g3YcM1AXHM4LapBtW&sai=AMfl-YSF1vouZB_-PA5KHp_sNMjRW2ISAark07rVYIxMOLcG8EPvSwNDFdGIfcZKxzEm4ssyt8WD3_GpllBPFnT8fJ943MJwPBhJ5F8jdRU4T74cS83ZXrRhliKBZSMxU7Gig1wM5uKxq_vir5l-c6gyDR695pljGkQ35NTgY3eBslZwfuTc7ZClWTr9iEQtGZHUDUoFUkDetGpygdL-fwXoCY3MhkJscYoQX8FTWy7efVTpfSGJU6fmq7rEgFk-qCa8zCDlL664YcB9nmx_LGuyd_ajb507dseMlvOdV_S1pkls56FA4OxzDVp2_SaASoNyenpBp0oCUtezOeaK_9j1TXMXjW0SnKi6sLlGuJB3A7MqFpEQD_TQuIqhAL2Up6SlWqw2gGvgrllKfdu6zLLSrFA&sig=Cg0ArKJSzOb5pBmYIKTPEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220427.43154&adurl=
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 29 Apr 2022 09:35:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 87C2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
8bc4e147-63e4-40ed-91ec-f1a97a02eba8
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 37C0 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/8bc4e147-63e4-40ed-91ec-f1a97a02eba8
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6CE2 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCF7YyRAxj6xuzDATAB&v=APEucNWprOgsVFeJBcA79n10ra5s3pGCZrerx_suQpDiTmOYRZn4BOclgSn2I_ASzjBC28FyyyLWoqpnVpgyI-oJAoBnmLtovg
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 37C0 		60 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtWG9KWrleknI8YNwaqJ2TV0n4Rd2eWderLGHnxVptfosShYpypM7mOJVcFXltegXs8cYuQ75kWQeaRO33yzm8yY7FmQ&cry=1&dbm_d=AKAmf-D9kIs-QoFMK5n9L48OFuoBfhcZWYJfgrzoEgUWq5LqC_TEGIqX7YLYYvJXLafhfiS9k5O7x4GHh_qZhlGhcDBR8VXittGsx7_YLL_3Y6bAUPkNvRaN9CM0s2bCX8o7mo3aed8xgGS3RQyORYbfqHUhGl_OrMYHh2bToaNDNPZxPb4R3UIYgWV8WYrnQpiyiI5hWo64sg_kiw7yQulgAOWXCMZYhD5j_rYgBGGiLHaYwxxRMFWP0hLq_gSSIuzaCCC4lSv_D0F4GUCVxa2ud3hOt3YCF8_cRoJBqZvjDXSdK0Bzk94Ayr3KAK8iY6JLTIRDpnonF4y0PCDyeGU4JuCVWJkWV43BDq5aiMNAO9lkRQcBFbukZ4XaEwtIGql4AwFHHitzwBXfjthcoslsNzZLiSIvgt66PH3fwV10DZJ5lObo04WzPoZD1DhgqIruNo8mLLjHTMLUySNarKgJZ4HcOxibLNJ6Z6rQzol8JqTiLgcOLXMfhfqPV_rTSEP_WgFgi8vPj2Nsm1qncp0DhSzdk_OoAh67AZQZgPP1IU-P7TP8aQt_83kgmtACUFxwhT8SXyY4yGvenZiOmJnPGrhu1JE0gMyYkKB6ZB-4VSamA4HJFcRff8zflnohB1_6OEiGt2FPdBdeANQX_mLscPxxtcFjgn4CneSuVXiM7M_bqDvPOdU0L0oqZoTGRyAOZUS59eHHTbfd9hnEYokOQ3QioYzrqRYfa4rsisHZu1ih50Xzg0UeHqG88V8NZWp3vznngPsOPrGMOQDkfYvMyDfg6vDbwZAcQYdJ6UcV933KrPzNSOmaSI8ozqQT8KYhukNrYtXuwl1obJtDl5Umk1pQff1yHwbIZ8ByMZZxrf_McEC4KyuzvF-713MFyHP7Qixq4M9FtNyWuRe3mUaA2c1Z6dlqlDT_abCH_bT_v80Mi00wr9Xn-zTUUfGyevhY7Wbq8S26lsx1NdMvYYm65upb2KhciQ-3Az0NAywBWxtfqSMWpTj22cGq8GnPkbAUthJE3IDWCoNnl8eYkzJ8qPGXJJhUeYFZRFJ82Lth0gUVlvbAM3Y17ShVsBlgnGuqJGRuSuK0OsqwDi0RLTwprV-ruZFU0AmO8Yqnu86esxoqU5NM8SqHjzWkvjUKfbDLf0EaaI3Uao4P7VJIa4ufl-yHmnnJQXqjVf_zl21xbMjGdZ8xkV12KIm7D2WwzixRHSEbUD33dueMU0TM_ylIOw6P6HfK1rkkKDAjJ14MI3Yv65iUC9ds2gFzVOwUGFqqpZjsGQ2uzeM6O6_Oo_pQO5jDjBTAauYdy_hivA9FFtN_m2puzKHIdg-FzwrRAwrH9VBPIWEVk99Ri2pOwGrxuqlwTZc3-9J08UGf-A5enxrBWd5ErSz4lNL4s1c-VP7-Rp97Rld9SGAUAlVZj7c8LqYodjawDFYeMkDnyERdoyBR2wA6g4NCT1Hf5RBlj3370I8c6SJw8GXY8Mr0RKOmu4huXMrUX8Y5AY0KDrkIjw9Z_Eh5ugTU1jiBYq1pCNH_nQeUv_iPvFP0W3EDWHDpAodtiwg2udSGG2MsTodbn6hFccTFwPasbVRMGxY0ARyo2Kwkc5l538vl1el8QbAlZMfT6Wu5Fy1yfQomIlMwNgrDPr64ZrosJ7Jno9cuZ-M8YXWfW7WL8UPQdgPWRKX10GfA8zGKttQHZmm4DXKX17BpSWomW0iq6h7S5XkOqr2gHmtAOJi2GLp0b3mirM_mZ2RB_3uDpa-PaB4WtA3q30gCE3vNsBr52kLHAnf_43hS8Euzvx3fJAocYVEog2WygHO6tS8har_ZS2zHIr2r2_6JMCiDzcHumfafEntoS5gm3Do1KHzxWLFbSdldryPIJrgFEfr_Sc-kHbGCKpNuUnm5QMBmBJmEguL_nNeu3XFtitip9dnjZfVJgCGxkXNnZp1FBckDkZKQ1jkUMjyJ7F_b5wLnymLxHQVSX91mOJF1on0c5Qg708dtWNeJz5Q18z1tA8q5dc0U2rdrdNmwi9bsBdOOzE4OLDfZGB7GU7YSdJHFj4l7sG8RJh37zrlK32SQpGKUUXYsdPqPREhPK0nrHDABAJLtgmZQTHQQhbs5TFygOHmNeZOD82m716w5WUgOFa3nlrvWGDWvtVm6x7AJadEoddB4J8M_-hqPUQxtaEU7JGF5ZjntgavW1xPB739AwLItd7n0xbKv7_IdDKtLmrFm9AZDH2JT-fbN5C-GRcTkyp3IQtjsUoLbCeV-uS8MZHckEnFHstrCAupXDP8Wl3XULbbDfGqHCpbLJr8f3c2-v8KEQK-jIO-GUFBWjcnEbLvIKxDVlvGXiia5HaM1YrT4uEun16Nk2FZjrzKx54YNQ6aVbr5GVcT6ZWegRDjPQaRTtSyh_YXM1ZK_3AXb3opzC37mm1LNQaqh4271ShISiFsVA5DhMdJgqG22rsavf9Zki1qMCxxMxQ2_7UbsaF-L-pJXma_kpXuIE6eXoEOWHGEBpZcnlbJnztHyLnLz6csNwr_GrW2Popx2KcnTSN4id1-uNFie0SjVP1TMrdzFQJwuJlQNwl6_iWO1eMp8_ym-OtC50hvzR-1ymaMCpK6HoEi5f9jzJGdIKteY3K8KKSJnuy4D96RrE-zJVGzpVSFfqdaamHdOnHg1gNiA5tXP95uiQoPMppFIMBYC7yDIwyOZFQzscFo_gQyTD4A_KBW5JOOw5BVDJO_nN6HgwgSwkCRZBqsqs-iMuEtLorQTsvbqWLFlGP6dV_4oLzIxIxSLNmtsXxDOnwOegMYGHq__odSyT3fe-kufuyW53PnYVVSfK-QuBcFrLOYLVM3xyT3SyfOgJxbVzATXaxz0K_ehvI8yZMOm918gJgZfwsn8ZIucupuyJlHXZOveSBXI3FvjqSZ0lORW-if1ncBpLM9VYmikJ88Rd7aPpjutWHC9AsaV_WZQLkAJjlXr1X1mHLp4HobgJQbHk3HxfjBO8TG7SN_MSXCobBmKlcDmQhVoX59Cd1DSGYjLaaxv-ukXRSm7YE_usyq3b5ijbx1f6s4eDLbWtxondEKbkHFJ9lRabjh-XLNFWEEtu3r64LWB2X8FFDz4ai3xS53_e0I9_EPZ-K_UgJTNkTfvmSuYfkhqL4bFa2JMKacsQxttDfvs5UFF-BApSM441duSphWiooKwpvln4R4t-dHjIFGrE6kUhPz4NWT7vTdBcwPclRr3iNufMxv73XtxtEJvlKFCN_gXvnZQcQCTmhSH03xPEMPlYFdIRD-ooX_Wk7X7ICEUwaf-1A9z9-FT-As3-3iamkokeIZ7VKdX_s1GsL3dJVR7K_nW&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
941284f1352ad65210e4a48333bc4ec6ce4dc3ed0de3417ad9c2ecfc0760b82c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30433
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 01DB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d89c2129577439acb5aa4b0220bde998d6b1c8695668ed7d425a291573a36c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2FE2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0992a63e09bd6c7583e8aab385f6d943430b68526f2658837bd9d64167b03384

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AEBE 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b929b38b2405889a56c6ef995871ccd3caa91c06ec93231cf4f9800f9d8485bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D162 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac65c60307db2c323be645d2c72bdf669cda19ac634773a69f25b9bd1d812544

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 6A5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfV_7TmIlH1UL8v-KHLsvAW3qNuWdUqD_9bQ3MEHUTIAsNX48chhOYZ-MzCSYMcR_Dn19mAc-edQTfAcCRqOEccB5wVr-4hbkYHiBa6wM8I6_nWdU_&sig=Cg0ArKJSzN-J8YXrEumwEAE&id=lidar2&mcvt=1437&p=271,436,361,1164&mtos=1437,1437,1437,1437,1437&tos=1437,0,0,0,0&v=20220427&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=776454535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651224911803&rpt=1359&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
auth.instiengage.com/auth/ Frame 7EBC 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
297
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
date
Fri, 29 Apr 2022 09:30:19 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
46o9Lhm7FsV-W2jl-PnPRhZX8Qd76lRN-d1-MdM9StLXvZdBElVDMA==
truncated
/ Frame 1EEE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c6c33b53a94538adfe6a03dd215ad983b9e61911dfa942e3d3930bf83f314b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
lg.php
cdn.firstimpression.io/delivery/ 		1 B
456 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67472&campaignid=35&zoneid=110722&dt=1&_fiid=A7&cb=85846393
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
XLpTi4gy94aD9JCyy6VKAIhyNWc8hsaAccDMJ7MnZ4IsHF8XTiH0PA==
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
expires
0
bundle.js
auth.instiengage.com/auth/ Frame 48CE 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
297
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
date
Fri, 29 Apr 2022 09:30:19 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
wOzY4VdOCtsAcKipzqDD3Wi4a7Gao6NZl5RZPJSwRh_9ndjcc2TSTA==
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C97 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYf5irOmZqv_zlkd2hp3KZm81gNz0uWkUbPgruQOQaz6hvkWPKA6HOl5I8bDGaz5Wat9DfEEUJgp31JAYZVh6ms42ZQfmCZiO-Biv8wdNVkhkq656v&sig=Cg0ArKJSzB-_vOFWMMZKEAE&id=lidar2&mcvt=1338&p=428,1161,678,1461&mtos=1338,1338,1338,1338,1338&tos=1338,0,0,0,0&v=20220427&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=713581990&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651224912026&rpt=1260&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6510
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGODkscQBMAE&v=APEucNUkFK6K7dLzC7L_5tjcM0ZOwJtIKMyxQVl2AkivBRDOd6ghWudRFqsd_Xof3elu8cV_0C_s6ZDAWt4k1yG5FWmsmhKv0RiqgjmMcIf9GNkyWAmNHjNbHUWmkfLhkM6tgdrhCpprkSBpIhhIEq9QI4S0JO2-1duykfmzmg6AIHVqrRyptuc
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 29 Apr 2022 09:35:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6510
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmuxUs.OnojhGGWNUnpngwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1&google_hm=2
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGODkscQBMAE&v=APEucNUkFK6K7dLzC7L_5tjcM0ZOwJtIKMyxQVl2AkivBRDOd6ghWudRFqsd_Xof3elu8cV_0C_s6ZDAWt4k1yG5FWmsmhKv0RiqgjmMcIf9GNkyWAmNHjNbHUWmkfLhkM6tgdrhCpprkSBpIhhIEq9QI4S0JO2-1duykfmzmg6AIHVqrRyptuc
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 29 Apr 2022 09:35:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONC_AvqVDQEDibuRT-AZ5M&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6510
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKp8dvY5AnTc7TXP4l78R_Q&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKp8dvY5AnTc7TXP4l78R_Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGODkscQBMAE&v=APEucNUkFK6K7dLzC7L_5tjcM0ZOwJtIKMyxQVl2AkivBRDOd6ghWudRFqsd_Xof3elu8cV_0C_s6ZDAWt4k1yG5FWmsmhKv0RiqgjmMcIf9GNkyWAmNHjNbHUWmkfLhkM6tgdrhCpprkSBpIhhIEq9QI4S0JO2-1duykfmzmg6AIHVqrRyptuc
Protocol
HTTP/1.1
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:15 GMT
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8511142f-38fc-4fd4-a7f4-8d4c14f22abb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKp8dvY5AnTc7TXP4l78R_Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6510
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzUyNjUwMDEwODY5NjA4OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzUyNjUwMDEwODY5NjA4OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGODkscQBMAE&v=APEucNUkFK6K7dLzC7L_5tjcM0ZOwJtIKMyxQVl2AkivBRDOd6ghWudRFqsd_Xof3elu8cV_0C_s6ZDAWt4k1yG5FWmsmhKv0RiqgjmMcIf9GNkyWAmNHjNbHUWmkfLhkM6tgdrhCpprkSBpIhhIEq9QI4S0JO2-1duykfmzmg6AIHVqrRyptuc
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:15 GMT
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e024cadc-403e-475c-a1bf-bc67befa04a4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMzUyNjUwMDEwODY5NjA4OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=890441945&e=e&n=2708278622448457&aid=53T65BNiEei3kAY3v_uBow&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=1&ed=9&emi=1ftj3vr1tczm&i=0&id=5fywZp8i&lid=q7x5azd1t137&lsa=set&mt=1&pbd=1&pbr=1&pgi=1dpe4dfl5u0l&ph=1&pid=ZoPFXSjg&pii=0&pl=0&plc=4&pli=1wdb78q1oedp&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&pu=https%3A%2F%2Fwww.staradvertiser.com%2F&pv=8.25.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Enhance%20your%20home%20with%20Windows%20Hawaii&tv=3.39.0&vb=0&vi=0&vl=90&wd=0&ab=0&cae=0&cb=0&cdid=partners-video-ads&cme=0&dd=0&fed=025uSCQm&flc=0&fv=&ga=1&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2F5fywZp8i.m3u8&pbc=0&pd=1&pdr=&plng=en-US&plt=3050&pni=0&po=0&pogt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sp=0&st=1290&sa=1651224909792
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-mxp6967-MXP
x-cache
MISS
x-cache-hits
0
/
geoip.insticator.com/json/ Frame 5E3B 		240 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
9e85dc0f7699e0a1ff54678b058435f14f7b041dfbc0001e44c1accca0b7efc1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:14 GMT
access-control-allow-credentials
true
x-database-date
Fri, 29 Apr 2022 02:43:04 GMT
content-length
240
vary
Origin
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame 5E3B 		334 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf8023810adc288c1dae107fc94548921a8039516477360bbc5093861f75290f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
Umjdkh_UzTQC5k_MBoD.eVF6TW9QP8FE
content-encoding
br
last-modified
Wed, 27 Apr 2022 16:52:59 GMT
server
AmazonS3
age
59678
etag
W/"0b9951514e942738af6dd5c85ef87602"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
date
Thu, 28 Apr 2022 17:00:37 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
D5heExaixRCzPtxcPmAIkWSrhE1dPcD57hfa2wIfgzto-0PK2KgH_g==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ Frame 5E3B 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=95246
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sat, 30 Apr 2022 12:02:40 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 5E3B 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e030f694f0db805c9991886ad55ad45628b1e63c573d7a74215af6fc8a43c9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:14 GMT
Content-Encoding
gzip
Age
498
X-Cache
HIT
Connection
keep-alive
Content-Length
17804
x-amz-id-2
ngsPa5H5jyyMDpQg3Z3a04tcOH+4d2WJerU9nAnjClTb+VWmk+zRpsg/rUiaT4TTjtElsyzjkYs=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Fri, 29 Apr 2022 07:53:39 GMT
Server
AmazonS3
X-Timer
S1651224915.842637,VS0,VE0
ETag
"4b051371f87eb37f9e8389542cb05806"
x-amz-request-id
KY9CDK6SRE2G0F0T
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
27
/
geoip.insticator.com/json/ Frame 3222 		240 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
9e85dc0f7699e0a1ff54678b058435f14f7b041dfbc0001e44c1accca0b7efc1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 29 Apr 2022 09:35:14 GMT
access-control-allow-credentials
true
x-database-date
Thu, 28 Apr 2022 16:07:29 GMT
content-length
240
vary
Origin
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame 3222 		334 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf8023810adc288c1dae107fc94548921a8039516477360bbc5093861f75290f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
Umjdkh_UzTQC5k_MBoD.eVF6TW9QP8FE
content-encoding
br
last-modified
Wed, 27 Apr 2022 16:52:59 GMT
server
AmazonS3
age
59678
etag
W/"0b9951514e942738af6dd5c85ef87602"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
date
Thu, 28 Apr 2022 17:00:37 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MNDQ8Tw3BqOTsXXBqRSggXW4Ye2SmYhg3WGDj0U3DQ-mCNRsneymgw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ Frame 3222 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=95246
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sat, 30 Apr 2022 12:02:40 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 3222 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e030f694f0db805c9991886ad55ad45628b1e63c573d7a74215af6fc8a43c9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:14 GMT
Content-Encoding
gzip
Age
498
X-Cache
HIT
Connection
keep-alive
Content-Length
17804
x-amz-id-2
ngsPa5H5jyyMDpQg3Z3a04tcOH+4d2WJerU9nAnjClTb+VWmk+zRpsg/rUiaT4TTjtElsyzjkYs=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Fri, 29 Apr 2022 07:53:39 GMT
Server
AmazonS3
X-Timer
S1651224915.874955,VS0,VE0
ETag
"4b051371f87eb37f9e8389542cb05806"
x-amz-request-id
KY9CDK6SRE2G0F0T
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
28
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1429 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1429 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1429 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 24 Apr 2023 09:35:15 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1429 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 24 Apr 2023 09:35:15 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1429 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=43fDHxUhAoSvYRrmZQizuaOXY8reOJAqGTollJPQ7EsBwgi2Ga-pPAqW3IzJ0FMGLejBJRZh1RDQWuwdQzlYSRqDpaYeUBIquzZ9FaN5Q456BU7d7oK-lzPXVNe_uoreQJMMTSvIjxBXwrrHklYRliFi6NcYjgobc9I_M1NTnXiQbVaqzUrihGXKAIBJDMXJ5aIRMODY8LKAazL165bLXTzS7kCn53O1qwtWiA-0K9se74PS50tlQMTog4BXkMmN6iAqbjCRN7Wyq84x0KKaN-X7TSgUnz_ZlHqQ0oJ6v8W86GxSimyCqE-Erac4E2L-4XQ1ZwCSHuoYLN5EZ4obUPSWxj3eOcQLIvVh9nq_akR7m7-_2O0DzvMI8EuU-3qiCi1xd1-h608twOLixfFPHd-OWOGf5QOGe6X61oHgZyY9OCeWOA0ujAqkrhA4URp_0MK2Uw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3295986
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
f495cdda31bb4f789730f59dc146613a_image_ad_728x90.png
static.criteo.net/design/dt/20983/220316/ Frame 1429 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/20983/220316/f495cdda31bb4f789730f59dc146613a_image_ad_728x90.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b80b524658ffc9c51ac8c392e6904606f33f687765bae4f62d2ca8bd935ce344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Wed, 16 Mar 2022 13:52:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6231ebb7-8fe5"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
36837
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1D71 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1D71 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1D71 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 24 Apr 2023 09:35:15 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1D71 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 24 Apr 2023 09:35:15 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1D71 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zPrZ4RUhAoSvYRrmZQizuaOXY8pCp42R8RHrwdWYW9yqLMHKqKIci6Bn6a8i0aIpXQ1PmESpglqWlZf2wLkG0TyAeN9fjCetGd5RE2L3zqghkLvhfL9khKYtcO27fN2KAZz7pHoiEQOLgC2QImgPkCCWruT-Z3Ul85g-JOZv07I4idTylKXaqSMN5Vq8tLpaWmANo6m8-hcYxsuNOwwBGNZzcd9uxkP2NiBCk1mN3XCUkpQ_WjerDSuDdMOmk4Nzo9qrQZoANbxxrdmnNTo1ifsz14M8EUBP66mIHTMQSSuj4JavgrHDJKj1dAQBxZSA5HGHiadJq4k9b-VH2AAIrGJAUahHun9AH86-j5p9tyFKeVIUY88xXV-SsagnuppqS-aFlKbe5LPfioL7nXLZ10OTTjCdQiq5f-mkIxA3yp1W67Gm82aiN_LyUerhgtIgJkUaIw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3130978
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
f495cdda31bb4f789730f59dc146613a_image_ad_728x90.png
static.criteo.net/design/dt/20983/220316/ Frame 1D71 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/20983/220316/f495cdda31bb4f789730f59dc146613a_image_ad_728x90.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b80b524658ffc9c51ac8c392e6904606f33f687765bae4f62d2ca8bd935ce344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Wed, 16 Mar 2022 13:52:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6231ebb7-8fe5"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
36837
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D063 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame D063 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D063 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 24 Apr 2023 09:35:15 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame D063 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 24 Apr 2023 09:35:15 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame D063 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=NVs8ShUhAoSvYRrmZQizuaOXY8pE6hb-7Ae_meOO_3nbgkioDMyYFyM8sjqLiPf8N4zHOjWJ-_9b1TR8v-VvXWBhXawk0JZ-8kltVr_hSbvCsLWcjDbjhFzgfyC_kBU8m_xmQTeku3QfJY6ziLeLiOePaq_C4BlZcqBTTrFzjT8PilOIDySH2f20FcHUWRi12X0c6kS4XwJJoJ7jIMmlt3BsS9stdBr-QdVLWiZs2Tc3kDA9FNEiQ2G1pWJw4bFjc3fAjpZ9MY8kkgYEGndw3KUn0rsTwZ22ccgK-pI_cm67z-vKOGfYr-t_MpCP65H9R8HPiC2gONY_SGglHakkn0uKAWbHUc_X-kP38uZjOEtlOBErFg_v6_Mf5FZYlX74xOfstXSC0o5rQp3EJLDgEg_05QBZkyJ-wKAYtfuIGwpR41yjDJpTbdagqjksqZvW92Yoyg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1871715
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
f495cdda31bb4f789730f59dc146613a_image_ad_728x90.png
static.criteo.net/design/dt/20983/220316/ Frame D063 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/20983/220316/f495cdda31bb4f789730f59dc146613a_image_ad_728x90.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b80b524658ffc9c51ac8c392e6904606f33f687765bae4f62d2ca8bd935ce344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Wed, 16 Mar 2022 13:52:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6231ebb7-8fe5"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
36837
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4E94 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4E94 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4E94 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 24 Apr 2023 09:35:15 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 4E94 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 24 Apr 2023 09:35:15 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4E94 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ifKrslZkgDPC5WJMmO5TN-9cqlj1c0HaPZ59uyhiDhheT7IwWUyhtZV2D932FkxIpOtsBFBNPKBTRWdQlkFFLPYRVE8NHOrPkBsge_vYvQj2xq7KozkzRFAKTEsdH1RnPr0NrE7iyVgynBGxC_8_ILZGZE_PozfToSl0t8_Pyx-ch-dIMHGXbzwbFuMiOHYa3pF5C8UFsasK-RuTqlZ8Vj-0rmJxq26CI9VLvL2rzy9nJCZQSVAVqf0pBD0RZXSX_8Oe2gHz1m_WnBPihtCpZdsbvv1c14SdoKvctFyJ15_JPWCQucG-AvZRXIqd17uQO6vpmj2xLOYwDySYA_Nkjp3WsRHMZMxXrA9p5MaeDDWnlmpU2BkeXI52QEq1VW86MALxWH330xKIxhYFLObBoLMVqXSySpR-dXcf5Czy3J2ObNd7yJwN-Lw0Wxa16aT7eQJBCA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:14 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4431259
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 01DB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options
nosniff
age
213788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:12:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 87C2 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqsajlcAyCgQB3AnkV_MYx2lEWU0XHc4epIhSFWSQwLu-cBGrJHooZkdTaIbBaMLjfouAUV6IGs83B8bg7nz82Z4mpdHm62dCl-IqLL3VHw7H4Vop9f42tgWn4adiBe5WLQjSMsFFlJTVrdlQhiK-KZniQnfBFJbmRyN8JouV7Hra8fb3IZBzdRodlnVCVLd8izmncJY3NeWkBXfYElfq1R5WOkKLF3Lu4CALSX2_jgnFgz2DExuwOzSU5OyvW1D0ziFzyNclzu7t5mgerovJSpOgDc-5wbsIbryv2vgLF2qW7Qrv0pEdPY3zHIqsWaxnu0UHTVDbjXoskBrDFBX5JX7NetzFa1l_6elV-qarkcqJZ6TEnsysj8QVVdU7ZUatYlQtis7pRoLZORBWTLkCV4--Cuf5U7gAQ6SRpyhdIzRcfPn2LGtXL4_wZIqECSqK_sPxsixN1H4IuBdn4xMB5Aw2dsQ62fnxAvvwXWDyU4QFOoTypNAuVw0WJ82BrkqP5FxXWKBGezYpphetb5nKQ0R6D4wDdNk22BAwtT_Zwjeg48oXZzsjOW8jy94rWpSx8LRQChenc-AMpX955BV7xKhgXIqNXCJ4bZecKGRRthBPzvHOdT_LDYb9XOpVPhV1sXe_RiokF3NscClHQZIxU7C3s4kI9vYUfNTOssxL2FTPSGpapRG5Sqj-F5mFXBkZVW1TpZE8PZdai6_RBUPgUXMli09pn0jlYcMqe4mPz1wJi1blNb5FiXXRtfwZrtNhXpETlYftQjx7S8JaTzkMBf1Y4om-B0xKjUz5QE3Gf5b0BLRrBqAzHr1wl-NR52mK1Cg674W4f7usdxwGARxD9iAXRR2jQv1jn2qu6P6y1LTGhkDca4pTenD4LKATxOpELuG3ES1AAZrY3suODEnmd9pOWMqlFD61fSrQ_SuxgT7MWZrRA8l0nJteXnltdfZI7TJqfvDzjToO-gxMrPGZTc8To3E0ldGsSos8zeL_a25acuIic3RVZOKaWM2WMWyeZQKgiPxoe0pcRaa5tMRXzABWXZeK87-USnr3foLUznwDXSZIoiHY7C5a-vM-C7iR5wHda7iVJmoHSIdQIGmfqnBwpNS0GI_P4nAQ3lRH2UUOJitea8U8_p8RljT2YrGSLwpE6KOUY5isE4v_g3YcM1AXHM4LapBtW&sai=AMfl-YSF1vouZB_-PA5KHp_sNMjRW2ISAark07rVYIxMOLcG8EPvSwNDFdGIfcZKxzEm4ssyt8WD3_GpllBPFnT8fJ943MJwPBhJ5F8jdRU4T74cS83ZXrRhliKBZSMxU7Gig1wM5uKxq_vir5l-c6gyDR695pljGkQ35NTgY3eBslZwfuTc7ZClWTr9iEQtGZHUDUoFUkDetGpygdL-fwXoCY3MhkJscYoQX8FTWy7efVTpfSGJU6fmq7rEgFk-qCa8zCDlL664YcB9nmx_LGuyd_ajb507dseMlvOdV_S1pkls56FA4OxzDVp2_SaASoNyenpBp0oCUtezOeaK_9j1TXMXjW0SnKi6sLlGuJB3A7MqFpEQD_TQuIqhAL2Up6SlWqw2gGvgrllKfdu6zLLSrFA&sig=Cg0ArKJSzOb5pBmYIKTPEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=668&vt=11&dtpt=667&dett=2&cstd=0&cisv=r20220427.43154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
diberp-tcx-v4.29.0-v2.js
americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 02:59:06 GMT
content-encoding
gzip
age
2442969
x-guploader-uploadid
ADPycduUWG_Yj3tGX64yE6NEobUtLLsTSsVggnoQ356y8rT8POkFoZhekmxopTGegaI8z1H4fDQBjrME1sIVpey9fn0gRoPlXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 01 Apr 2023 02:59:06 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 2FE2 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options
nosniff
age
213788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:12:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 3108 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:47 GMT
5599698912944845917
s0.2mdn.net/simgad/ Frame 3108 		361 KB
361 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5599698912944845917
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b230f3d61a83636d45f6dc7e0f2315f76fbcfc597dc032f452c3cf7b523efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 20:38:54 GMT
x-content-type-options
nosniff
age
219381
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369728
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 01:35:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 20:38:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 3108 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:27:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3108 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukd0FpNiqc0w3_qIKOWvv6gBMYJz_G7sFnGjogat_AeW09MCz6gxdC-NJTGjAR7DgODPT2geBGv5K_kbi4MjiyEo9rO7wNmkcQOUoN-6T-psxneCLpvcdoLslIftZ_6S9L_alU4yuARFDaLtYYf2YRPsuObekRgnWIfcbDhgjsW26KWA1JARxL1b1dVmypJF62R375kexhyl7vPeU2h74wR0PEQ7f6e0fO-zRr5LoeZY4OPAvitnNVSB5MHl27cP9Qcxa2ucIkr5QC3d99sVshW0peMJc3oqbo8glsuxiOwzv5Yq70winLlKcJYKF4ijtLGzcM3EtbOdJzFwNzC76tM-6T8ASZaGn15sP1-BThHSi-3B2YyIUzKX3AuJZDYItFNr3OSTgahcPCDoboDr-Tl_in2iw8SUQpd_Nppc-BKa5GMcmYBMueC_xEFJD3DpGlWYA2s961ToeMhCmXfKTZI3_slf9MPhXWJbz_Tq64incAqmcGcZnH-Z7iLRYQ226VOd77CxrtfaLI_6J0m1osSLbJNW86ib-t4KNj0m-xLoYbCagFGC8c138VL1EGezk1LBixsbJ9u7yXx55Avd_IfrH67NF6jDoE2LnvGvsVoP2uA1Ps1772V9Ae9zMtswR5704tvwQ82LudLnzjhjcSVwqXzNDIEVzR7V2soZDiwmOamKO7Qq74Ywbx2bq4koUzR7io1Mi40t6zHvjv8sIkKgMWS7d_VOITDTR41dZxAsv9vuldTH5YnEithDJC9vbnF3GpPs_sXF9CUiGDZ54MmtLLRj7V_P6Usxnxm21T5hlxm2BPlatYDe5dLnvfYpgtEF6aw3T7Mb2GqeBQInugRfRD-BOTpMgag5bkl5czoGqRJrkWdBmt-QVrHRNFuyp8whPfmN_J7Q7Tu9cZf8iIxeXjAPEndzO3-y-zKlbtpgx_xmEmNB9VjgG7rN4ozaKabARrCXvSjcMLdNCw8OONB2iGniu7hh6myRKemx3ojlJR2KUffCyZZNLtdw0I0lg22N0_h0kp81dFsZ31WENEh7Rd8sn0_jPmS8T8fLVkpH4XNJ7Aw5N99zoH6XQ87IBFrYR_tuNoVriyFBuWHSyBeEDJMmLbDTd_XYPWW3Jz9jK2Bk4xQPem2A6QfUYGqnioIcygSgQpbakxZ9YgRb-Bp-7gawM_3df5N1E9ZoBBkxiCm0BoD1UG8qwToKxFjAQVhxBdskbJ6IMOPOY6-2rCRzIy5g9Zmz942MBNwVHDS2udUzjT-fEhZhIBWgC2qFSAvtgdMa9tHOCf1orqkfpprdupR0Ak_CWfNbLKQ-pV1kQRbuZ6&sai=AMfl-YQmgeOAYdqwcbZ2r6NUajcENKgf6XwCI6q5-EzBix5i8eTeRKaGk-h5eBeZ_a889x6Blk1G1siwlXpdAU47XaZ0k2Nslk6HLrBeH6gXdkMOMv6an5HtKK6qIz4jWMhjUBUvJlRgk3ZwVrSZ0OlFGiqpGfRHKWieKYsH5Ipg2wHjgRb6IYq-epNtSEhE8kP7jwfutqOpSzdagqG_e2iO92kWR2S1qQY8S84IJ6kvbVuI_0wSaQ&sig=Cg0ArKJSzGBvHgGYJfJjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220427.22071&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-NH_Hb7jfVcuPGuUlBcBhKdR9B2mkZGNMyVnnzHM0w1trDRBJLDwByA3FTyULxPA2djSbtdu-V8HjGqbuQuhD82La8Q&cry=1&dbm_d=AKAmf-AV0hpkJUecEa8vADD-SPALvotp-5VyEpw8lV6b743tCX-JTi3xq9umZ3FKh-ri0cUz80m9v7rTvCRufOQJ_49Jz3WfDRNFVl4ogqGf5JwBP5BKAraV-UZ7z36FtedC_Dp_Yvpeome-sX_J5fsAh24ajASMxNPWN7pN5nk9-8zSMcVaX0_Wj8xBq6esLDXXa8PNVqArHAFpuGH2MCccjAMY7MHZU4xyBYPzVgdoPpguwj0Cjl6VLG1KFAACdCq7oRcGN9mFOMFMfv_ahWq_d18aiIrgcecb8eB_7Tv9sAxaY5iX9SnEQtm8AI6xahjiyN6su2p7RX5jmzbn3TjoL4tjoOwQUTGekTXJTiiu8yQQka63UXAwFLDqTpVhxfNkOGbkHfHQcZFHOEh6jUfn3q24KBVOJaYHUKYchJRuFvjn1gEpvLZ1MABJyLK8q4cw5qUupIViOExNrq9pTXVVoq0CVfOigFvnFdLK2alfCBSKus_7b_62EzotN5PE0ZXYUmRpaU35gR20XM6PARc1BI7D-s95o_DXeZla6v4VYhUsIFnS-GMwaT-Wc4leZY1UbRqCQ-PH9nF4F0jQJ96VmEogjxdmaoigPbE7Q3FoUfK6hNUcgU54cZDvPbZrg0Ixxu0-aLfWVaU2g5CuDtGiUlphgy1nHqog5ZW5dKD8lgNHAIfNnmTbu-0rHCwzvvPDCRUPwnAnC25A1bl0iSMAzdYBPJQrDnFGI-utVlMqPVXH3ISxmfMf9zYpRNElESdysGoPXDcnaJO9HZbFx-HpZGftMhMEkdXGrXWMCjwgH7AmL5e07u02obahZxvZR4iol_mcElMAVlCuBY5AH5SbjlJ0qdGKILForME7B0KQajzVExHpXWa8iB30KeN1_FylD9iTCjea5-dSxSOfAV17CdrY-2EETwGLACm1mEROqu6FIBEDxWd5ryLaS-jo7cx1sTUH4_7BFG0u2htH2z4fWn7UJcmCSdtGPqeBArEkbkeicRRC_TAkbYrCaPSOB_-KI_i7PkKO9tg1WRPZUAYq8DmXNsLoYaewAI0Em1U5K-EMSsZ_a0dSvMRisqOiWrdSotYHBVhy13VDDDGptSlCzOZjzLvKKZ9Q9Mu5FUOTzxq_YRTqkfJPoCoHcIYkXmPo-vGyo4MyHnvsizDSzbjhtdGEEpNsurcLUBudDnYQkoGpBx22AqOfEkSAjpq8QSIkb7pQpY0Jt_YX8yp__U0KTOhkJqd9GNMJOdXvjiOWmamAzmBhh0gdniwDV-7PvuPPf5PejNhG_3Rif-2DCwjE5BqHIUgB3qN0RGdR0iUZjS1rLT3isaTfHJXzkZC3_pxOOJKit0wAtBYcnyttIupOVnJiwbTszNg7uhIS5rMzimxZ5wVY3w9-d1DFO_4pJv1inzVfrd0KXR3DhmH5IOQT6b6n1moiJFeloJN0xWlCZIP5gZsSLKGtBCcTR_s0ERbIToWltX21RVI19drhAFVqo43ieSLsEiNqUEsTghSZ232OIvChzz5uP5aKbPjMi6ilXIOqm0b1kkLhlheoqBuW7jSpabgmVFJ6N6KGoH7OLCTvvsUVAABaSK7gQlPN9OaasZuLgGKZI797SUeGLMfn6KVRiKe0LSWIexsqAYeoDJh0eG0KMdA34NR77ihp3L5sN1i3yYWgXZi9uwEveRLyxlXlMssGUrkdoqH1hUdwySUJfslLTdmd9VHuvi70_e8B8tnKkfLCaY8uPEN8SvUQDzs3vO-fFgqa8XCx_al2_eyP6R7Gr2jtCEMuL9a3rAerY4q8X9zmAE1-htNj62SSAgJmLV8Dc672yere1oPy6jKENbSl8EUTqNCmCW0kvD3QgQUA1-avOlt_42s2uSqHV1xpjtWTEizQPF4XmlmdySsdVmCmwZ0XbHFs4NuDb7AURzuHLGEmdoJaCyrLtNcygaT97U4e8QYrwkrNkwnxzOMqoD8eEzXaWO1vwawNNbGxB_eE3P3K4YSQn14IQxTKkAWJT2J14X5ifVHS8ZVvnu_f9aPFWaqYomqfaxum3N1R4sd-9lQjRcv6VAbIeNpUQR7NEhhA_cdKIp4OiOGjRZikOi8wlFJX2efACRfrFJxVbxGRdWe-Tt8DDxciPV-BlNBzGWOHOydPwKzkB98SDazBumMw7tDD8Orcw79rpn3JJp-AeiSQlEV9ABdWcV3vA_6ERYN3HR6DR-kvtq85xKmp3FveN8lVjqgjickinvUenz-KWm5vTqCp4MVwJc05Eaqzl_xSK8YM9qKzA4-2hyTTIOXEGeYAeW6ymW2mvGZRr8CQwPVyB908QyUISVHpPtX7GjjW7VQ0SFBWruIqKAJCiGKN94tRO-grnV_TtNnFeGrklSQgKYe6xemOMebPq0mJyup4EQ_smgI4_aOn2j279mU7AarlncR5fdEhJ5QIFg1oFPfMh_lXjxdGHAbrmx_1UGaXeKJibnXHxO7pGAXLBPJjuPSvYWxagXXntc3wwoBwT443ui4i81Q1YdB9g5W6GRHz-nJ-XAiiyDgwGIKAaraIVquG7mtAqmHyKIp7M3wGqt7PmkqdYEQZrDYGBcCgxUhGt9g1R9xQDyI83Tx5u64if9JO6_L3EUbIUFHwOo-Ivi-381rquV4RgRREpQ3Ibi7zJwFLvS1yTiW6MyyLYIyVE5SooeCDmd3HiFwD6Kc43PA_W_WA3pLfe53pZXDXWXb9Vaa3zjNt1oB2rvNq9tLH0uLUePcL5BKMlaRuSxVsjtLaaLuXc3IGtWtvl4hxxbXbARsYPetv5EH4_xp5tLViSc2u_yZbFw4yonJl10TP1qlKEdKPF38QTWJyrCqdJsmaY6BlPUuYhtrIVd3ihNrnTeFeTBAmRZw3MKWWnd2fCEpNF5ecqY4XjoB6C0uqnoWEf_64dAxVJS7uICGrg5YA-ofusSbqg2VUbUVUjYprT9f9Jil3EGW5UVTmPSFM2diMA2Ov5AurnswozAWCkuqxueMd2MwgItrgPNE7YTG9AgTrH8zy1FySUXE0afWDWXTImv21g6cCrRRZhLvUeor5ZCO6c3eYUPLFoiW-1j_8R7a0RPR5YSO4EUXbBU44V7-8FiSDCDflBJ2V3BcDXpW0YFIeTYjzXvej3eL6IscMhfcxy1YCcEHma3F_JGc58oMiOTwq5eDfi1N9-LXK1mHqtiE&cid=CAASJeRoaAwZcCwgIMrB9_s0GMnBkARskRn7fhD7Tnn4xLu2-yC9xaM&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 29 Apr 2022 09:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3108 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame A601 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:25:19 GMT
content-encoding
gzip
age
595
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
095K6T3NB79CGQG4Z6RK
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
5DBCLIMpaRk810tc6sy7CTLlcOYBA0ry977dPmv6hfxztAkPZUw_cQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1B9C 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:25:19 GMT
content-encoding
gzip
age
595
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
095K6T3NB79CGQG4Z6RK
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9APh0-BoEHfEEP12HT-fzccqZTIEVWAruYTyCAYR1zyPORHKced9lA==
truncated
/ Frame 65A2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e56464c792e6d5d87d73ab24cf31ea116d993f84a191846183803462fb9c7f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame 1429 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=eK-rkCCe63pgJS8m4IJag35X8gHL_pLtTYORLtOJaCXq3wNdcxEIU5Z46kK_UNG-ra8P8CU1w-DlkJkJemCJimeeESl4zddAEnSvTDD7obm00gJ0hEn65p-3ihJxwFfmSrOsojdLommBV_O4U_iRWcivtCClbpHsPjVKq7IV0Z_5BAeWofmYhHkneKRDYZAhpoGrsZ3YXnWReZFUTBI7M8bm3Xy9ogUO5mdZlJDTzQGi_oKpEHi66nNjaFOsCDtOaI_h0bIHdNqJur_K&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1429 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1429 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 37C0 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtWG9KWrleknI8YNwaqJ2TV0n4Rd2eWderLGHnxVptfosShYpypM7mOJVcFXltegXs8cYuQ75kWQeaRO33yzm8yY7FmQ&cry=1&dbm_d=AKAmf-D9kIs-QoFMK5n9L48OFuoBfhcZWYJfgrzoEgUWq5LqC_TEGIqX7YLYYvJXLafhfiS9k5O7x4GHh_qZhlGhcDBR8VXittGsx7_YLL_3Y6bAUPkNvRaN9CM0s2bCX8o7mo3aed8xgGS3RQyORYbfqHUhGl_OrMYHh2bToaNDNPZxPb4R3UIYgWV8WYrnQpiyiI5hWo64sg_kiw7yQulgAOWXCMZYhD5j_rYgBGGiLHaYwxxRMFWP0hLq_gSSIuzaCCC4lSv_D0F4GUCVxa2ud3hOt3YCF8_cRoJBqZvjDXSdK0Bzk94Ayr3KAK8iY6JLTIRDpnonF4y0PCDyeGU4JuCVWJkWV43BDq5aiMNAO9lkRQcBFbukZ4XaEwtIGql4AwFHHitzwBXfjthcoslsNzZLiSIvgt66PH3fwV10DZJ5lObo04WzPoZD1DhgqIruNo8mLLjHTMLUySNarKgJZ4HcOxibLNJ6Z6rQzol8JqTiLgcOLXMfhfqPV_rTSEP_WgFgi8vPj2Nsm1qncp0DhSzdk_OoAh67AZQZgPP1IU-P7TP8aQt_83kgmtACUFxwhT8SXyY4yGvenZiOmJnPGrhu1JE0gMyYkKB6ZB-4VSamA4HJFcRff8zflnohB1_6OEiGt2FPdBdeANQX_mLscPxxtcFjgn4CneSuVXiM7M_bqDvPOdU0L0oqZoTGRyAOZUS59eHHTbfd9hnEYokOQ3QioYzrqRYfa4rsisHZu1ih50Xzg0UeHqG88V8NZWp3vznngPsOPrGMOQDkfYvMyDfg6vDbwZAcQYdJ6UcV933KrPzNSOmaSI8ozqQT8KYhukNrYtXuwl1obJtDl5Umk1pQff1yHwbIZ8ByMZZxrf_McEC4KyuzvF-713MFyHP7Qixq4M9FtNyWuRe3mUaA2c1Z6dlqlDT_abCH_bT_v80Mi00wr9Xn-zTUUfGyevhY7Wbq8S26lsx1NdMvYYm65upb2KhciQ-3Az0NAywBWxtfqSMWpTj22cGq8GnPkbAUthJE3IDWCoNnl8eYkzJ8qPGXJJhUeYFZRFJ82Lth0gUVlvbAM3Y17ShVsBlgnGuqJGRuSuK0OsqwDi0RLTwprV-ruZFU0AmO8Yqnu86esxoqU5NM8SqHjzWkvjUKfbDLf0EaaI3Uao4P7VJIa4ufl-yHmnnJQXqjVf_zl21xbMjGdZ8xkV12KIm7D2WwzixRHSEbUD33dueMU0TM_ylIOw6P6HfK1rkkKDAjJ14MI3Yv65iUC9ds2gFzVOwUGFqqpZjsGQ2uzeM6O6_Oo_pQO5jDjBTAauYdy_hivA9FFtN_m2puzKHIdg-FzwrRAwrH9VBPIWEVk99Ri2pOwGrxuqlwTZc3-9J08UGf-A5enxrBWd5ErSz4lNL4s1c-VP7-Rp97Rld9SGAUAlVZj7c8LqYodjawDFYeMkDnyERdoyBR2wA6g4NCT1Hf5RBlj3370I8c6SJw8GXY8Mr0RKOmu4huXMrUX8Y5AY0KDrkIjw9Z_Eh5ugTU1jiBYq1pCNH_nQeUv_iPvFP0W3EDWHDpAodtiwg2udSGG2MsTodbn6hFccTFwPasbVRMGxY0ARyo2Kwkc5l538vl1el8QbAlZMfT6Wu5Fy1yfQomIlMwNgrDPr64ZrosJ7Jno9cuZ-M8YXWfW7WL8UPQdgPWRKX10GfA8zGKttQHZmm4DXKX17BpSWomW0iq6h7S5XkOqr2gHmtAOJi2GLp0b3mirM_mZ2RB_3uDpa-PaB4WtA3q30gCE3vNsBr52kLHAnf_43hS8Euzvx3fJAocYVEog2WygHO6tS8har_ZS2zHIr2r2_6JMCiDzcHumfafEntoS5gm3Do1KHzxWLFbSdldryPIJrgFEfr_Sc-kHbGCKpNuUnm5QMBmBJmEguL_nNeu3XFtitip9dnjZfVJgCGxkXNnZp1FBckDkZKQ1jkUMjyJ7F_b5wLnymLxHQVSX91mOJF1on0c5Qg708dtWNeJz5Q18z1tA8q5dc0U2rdrdNmwi9bsBdOOzE4OLDfZGB7GU7YSdJHFj4l7sG8RJh37zrlK32SQpGKUUXYsdPqPREhPK0nrHDABAJLtgmZQTHQQhbs5TFygOHmNeZOD82m716w5WUgOFa3nlrvWGDWvtVm6x7AJadEoddB4J8M_-hqPUQxtaEU7JGF5ZjntgavW1xPB739AwLItd7n0xbKv7_IdDKtLmrFm9AZDH2JT-fbN5C-GRcTkyp3IQtjsUoLbCeV-uS8MZHckEnFHstrCAupXDP8Wl3XULbbDfGqHCpbLJr8f3c2-v8KEQK-jIO-GUFBWjcnEbLvIKxDVlvGXiia5HaM1YrT4uEun16Nk2FZjrzKx54YNQ6aVbr5GVcT6ZWegRDjPQaRTtSyh_YXM1ZK_3AXb3opzC37mm1LNQaqh4271ShISiFsVA5DhMdJgqG22rsavf9Zki1qMCxxMxQ2_7UbsaF-L-pJXma_kpXuIE6eXoEOWHGEBpZcnlbJnztHyLnLz6csNwr_GrW2Popx2KcnTSN4id1-uNFie0SjVP1TMrdzFQJwuJlQNwl6_iWO1eMp8_ym-OtC50hvzR-1ymaMCpK6HoEi5f9jzJGdIKteY3K8KKSJnuy4D96RrE-zJVGzpVSFfqdaamHdOnHg1gNiA5tXP95uiQoPMppFIMBYC7yDIwyOZFQzscFo_gQyTD4A_KBW5JOOw5BVDJO_nN6HgwgSwkCRZBqsqs-iMuEtLorQTsvbqWLFlGP6dV_4oLzIxIxSLNmtsXxDOnwOegMYGHq__odSyT3fe-kufuyW53PnYVVSfK-QuBcFrLOYLVM3xyT3SyfOgJxbVzATXaxz0K_ehvI8yZMOm918gJgZfwsn8ZIucupuyJlHXZOveSBXI3FvjqSZ0lORW-if1ncBpLM9VYmikJ88Rd7aPpjutWHC9AsaV_WZQLkAJjlXr1X1mHLp4HobgJQbHk3HxfjBO8TG7SN_MSXCobBmKlcDmQhVoX59Cd1DSGYjLaaxv-ukXRSm7YE_usyq3b5ijbx1f6s4eDLbWtxondEKbkHFJ9lRabjh-XLNFWEEtu3r64LWB2X8FFDz4ai3xS53_e0I9_EPZ-K_UgJTNkTfvmSuYfkhqL4bFa2JMKacsQxttDfvs5UFF-BApSM441duSphWiooKwpvln4R4t-dHjIFGrE6kUhPz4NWT7vTdBcwPclRr3iNufMxv73XtxtEJvlKFCN_gXvnZQcQCTmhSH03xPEMPlYFdIRD-ooX_Wk7X7ICEUwaf-1A9z9-FT-As3-3iamkokeIZ7VKdX_s1GsL3dJVR7K_nW&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:47 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 37C0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtWG9KWrleknI8YNwaqJ2TV0n4Rd2eWderLGHnxVptfosShYpypM7mOJVcFXltegXs8cYuQ75kWQeaRO33yzm8yY7FmQ&cry=1&dbm_d=AKAmf-D9kIs-QoFMK5n9L48OFuoBfhcZWYJfgrzoEgUWq5LqC_TEGIqX7YLYYvJXLafhfiS9k5O7x4GHh_qZhlGhcDBR8VXittGsx7_YLL_3Y6bAUPkNvRaN9CM0s2bCX8o7mo3aed8xgGS3RQyORYbfqHUhGl_OrMYHh2bToaNDNPZxPb4R3UIYgWV8WYrnQpiyiI5hWo64sg_kiw7yQulgAOWXCMZYhD5j_rYgBGGiLHaYwxxRMFWP0hLq_gSSIuzaCCC4lSv_D0F4GUCVxa2ud3hOt3YCF8_cRoJBqZvjDXSdK0Bzk94Ayr3KAK8iY6JLTIRDpnonF4y0PCDyeGU4JuCVWJkWV43BDq5aiMNAO9lkRQcBFbukZ4XaEwtIGql4AwFHHitzwBXfjthcoslsNzZLiSIvgt66PH3fwV10DZJ5lObo04WzPoZD1DhgqIruNo8mLLjHTMLUySNarKgJZ4HcOxibLNJ6Z6rQzol8JqTiLgcOLXMfhfqPV_rTSEP_WgFgi8vPj2Nsm1qncp0DhSzdk_OoAh67AZQZgPP1IU-P7TP8aQt_83kgmtACUFxwhT8SXyY4yGvenZiOmJnPGrhu1JE0gMyYkKB6ZB-4VSamA4HJFcRff8zflnohB1_6OEiGt2FPdBdeANQX_mLscPxxtcFjgn4CneSuVXiM7M_bqDvPOdU0L0oqZoTGRyAOZUS59eHHTbfd9hnEYokOQ3QioYzrqRYfa4rsisHZu1ih50Xzg0UeHqG88V8NZWp3vznngPsOPrGMOQDkfYvMyDfg6vDbwZAcQYdJ6UcV933KrPzNSOmaSI8ozqQT8KYhukNrYtXuwl1obJtDl5Umk1pQff1yHwbIZ8ByMZZxrf_McEC4KyuzvF-713MFyHP7Qixq4M9FtNyWuRe3mUaA2c1Z6dlqlDT_abCH_bT_v80Mi00wr9Xn-zTUUfGyevhY7Wbq8S26lsx1NdMvYYm65upb2KhciQ-3Az0NAywBWxtfqSMWpTj22cGq8GnPkbAUthJE3IDWCoNnl8eYkzJ8qPGXJJhUeYFZRFJ82Lth0gUVlvbAM3Y17ShVsBlgnGuqJGRuSuK0OsqwDi0RLTwprV-ruZFU0AmO8Yqnu86esxoqU5NM8SqHjzWkvjUKfbDLf0EaaI3Uao4P7VJIa4ufl-yHmnnJQXqjVf_zl21xbMjGdZ8xkV12KIm7D2WwzixRHSEbUD33dueMU0TM_ylIOw6P6HfK1rkkKDAjJ14MI3Yv65iUC9ds2gFzVOwUGFqqpZjsGQ2uzeM6O6_Oo_pQO5jDjBTAauYdy_hivA9FFtN_m2puzKHIdg-FzwrRAwrH9VBPIWEVk99Ri2pOwGrxuqlwTZc3-9J08UGf-A5enxrBWd5ErSz4lNL4s1c-VP7-Rp97Rld9SGAUAlVZj7c8LqYodjawDFYeMkDnyERdoyBR2wA6g4NCT1Hf5RBlj3370I8c6SJw8GXY8Mr0RKOmu4huXMrUX8Y5AY0KDrkIjw9Z_Eh5ugTU1jiBYq1pCNH_nQeUv_iPvFP0W3EDWHDpAodtiwg2udSGG2MsTodbn6hFccTFwPasbVRMGxY0ARyo2Kwkc5l538vl1el8QbAlZMfT6Wu5Fy1yfQomIlMwNgrDPr64ZrosJ7Jno9cuZ-M8YXWfW7WL8UPQdgPWRKX10GfA8zGKttQHZmm4DXKX17BpSWomW0iq6h7S5XkOqr2gHmtAOJi2GLp0b3mirM_mZ2RB_3uDpa-PaB4WtA3q30gCE3vNsBr52kLHAnf_43hS8Euzvx3fJAocYVEog2WygHO6tS8har_ZS2zHIr2r2_6JMCiDzcHumfafEntoS5gm3Do1KHzxWLFbSdldryPIJrgFEfr_Sc-kHbGCKpNuUnm5QMBmBJmEguL_nNeu3XFtitip9dnjZfVJgCGxkXNnZp1FBckDkZKQ1jkUMjyJ7F_b5wLnymLxHQVSX91mOJF1on0c5Qg708dtWNeJz5Q18z1tA8q5dc0U2rdrdNmwi9bsBdOOzE4OLDfZGB7GU7YSdJHFj4l7sG8RJh37zrlK32SQpGKUUXYsdPqPREhPK0nrHDABAJLtgmZQTHQQhbs5TFygOHmNeZOD82m716w5WUgOFa3nlrvWGDWvtVm6x7AJadEoddB4J8M_-hqPUQxtaEU7JGF5ZjntgavW1xPB739AwLItd7n0xbKv7_IdDKtLmrFm9AZDH2JT-fbN5C-GRcTkyp3IQtjsUoLbCeV-uS8MZHckEnFHstrCAupXDP8Wl3XULbbDfGqHCpbLJr8f3c2-v8KEQK-jIO-GUFBWjcnEbLvIKxDVlvGXiia5HaM1YrT4uEun16Nk2FZjrzKx54YNQ6aVbr5GVcT6ZWegRDjPQaRTtSyh_YXM1ZK_3AXb3opzC37mm1LNQaqh4271ShISiFsVA5DhMdJgqG22rsavf9Zki1qMCxxMxQ2_7UbsaF-L-pJXma_kpXuIE6eXoEOWHGEBpZcnlbJnztHyLnLz6csNwr_GrW2Popx2KcnTSN4id1-uNFie0SjVP1TMrdzFQJwuJlQNwl6_iWO1eMp8_ym-OtC50hvzR-1ymaMCpK6HoEi5f9jzJGdIKteY3K8KKSJnuy4D96RrE-zJVGzpVSFfqdaamHdOnHg1gNiA5tXP95uiQoPMppFIMBYC7yDIwyOZFQzscFo_gQyTD4A_KBW5JOOw5BVDJO_nN6HgwgSwkCRZBqsqs-iMuEtLorQTsvbqWLFlGP6dV_4oLzIxIxSLNmtsXxDOnwOegMYGHq__odSyT3fe-kufuyW53PnYVVSfK-QuBcFrLOYLVM3xyT3SyfOgJxbVzATXaxz0K_ehvI8yZMOm918gJgZfwsn8ZIucupuyJlHXZOveSBXI3FvjqSZ0lORW-if1ncBpLM9VYmikJ88Rd7aPpjutWHC9AsaV_WZQLkAJjlXr1X1mHLp4HobgJQbHk3HxfjBO8TG7SN_MSXCobBmKlcDmQhVoX59Cd1DSGYjLaaxv-ukXRSm7YE_usyq3b5ijbx1f6s4eDLbWtxondEKbkHFJ9lRabjh-XLNFWEEtu3r64LWB2X8FFDz4ai3xS53_e0I9_EPZ-K_UgJTNkTfvmSuYfkhqL4bFa2JMKacsQxttDfvs5UFF-BApSM441duSphWiooKwpvln4R4t-dHjIFGrE6kUhPz4NWT7vTdBcwPclRr3iNufMxv73XtxtEJvlKFCN_gXvnZQcQCTmhSH03xPEMPlYFdIRD-ooX_Wk7X7ICEUwaf-1A9z9-FT-As3-3iamkokeIZ7VKdX_s1GsL3dJVR7K_nW&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:27:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 37C0 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuo-Cs6jOJ10XOQDVqZCdl1cDzqnZJz0S1vZCpyCquxptLJ3WX679N1mywvGWawDWVE-UNIRf8f4W0uvrr0hah9ri5h3TYarSwQAp7Yqn8Q-wvQyFG-BQLu4B_NtkxgK468eBYtVABeRZBr7ziX81_Bgt8yLarz6qnD-OIyb7Ai4i7MbCdAJUlbBrso6icu81uVb_ic4vDGI7Qe-bn9wl6PjeGsx66F4pmXpw93Z6HN1COGc8z38hlRMGkk8KK8uCZF3HF7bvpeHDsOTweHl6wUOt0XLInGRr1sMiiODgSGQTtB8HxviFPrrKYZqjwre5KoygpoWVCOZ2Lg9jD8HI58452FWiEIOzbZzNk5GSP05Ef_QGY64CYN6zkRoUS_UxQReJ0FlyIF88SlyyY0SKlQsD25CQP3XuiQs9jCgIzNDYiwfjfmQgLFLaCEVBbD6kzolyD-LoJX5CIjzXWjBYxvAy085wMzeHwAdvfjwCjKxUfYl1O0bPFSTaqE6xTWOT4uqmbFbI1CmG3ZyIqIxsaeFfePj2pLmKIH7q6UtheqTqL_liAp8wTAKhzROYJeY0Y-YPwhXxurgsv7FGuIObYzO9JwjGvaLZy1_tWt8eZHpX3mSRipfAfPn_4FSZouq7JCE9DerBRKnJVwoF5Il7CGBXj5uEiQnY62Oyb7HWTSbJy8_JaLScQpGbpzItEMV1GtDQRURZSHQj2BUf8jvvl5KhE2DqPT99HTXJMIn03DrSqwSz-6bWp0CUdYpuKaO8qiNWefn_M2uA5w4UY-3HNz4TttJnYJW1nGqoXD-ygR_7hY138j4YpuR8orIYQAmt7FHC5cAPtUc8ReEDT2BMtOYgo5lG_IBtsX7JnBbdB5oTQlY2-J1hrJA7lL7gtvlvjzZUyCLrqELJzx0Q2i19U67oYVcZQPAukzttjACbmCCyiLJl_9eKe-UrCJaY6gKbzCdseHpnncHBpa12xnT84QZxg6eo34ShpEzbc7NcUS82Vz41hCi5hr63uhFyvT3ilBMEQwlbUHUllCevzGPqKQR2JfTV011J6Uva8yznkCrV7wv800_9skKbcqgSsMECd5a9dVUfxDtXpW8z8_yuP8Fz3cNsuBHd68TJ0vWvWfBESqF_HBFviGFJg7Mie-Ci1PMmxdReb6ve9P4bqVso5oan9-n5BmXX7ELFADQWiBrZ2W6ouSTJvcaf8qR4SMM-i8j7XtpZePGyV-iNSV3A&sai=AMfl-YT9fTKbqAPJsT7GkmFuKe36OjKSJTvnOphTETgQAL3Z0OzezgmwvfF9yNOx5qM7vgloP0auBs6JwXGW9QCXXQa3XqJFywNxA-owN20u2CX3SqcDKUI018HpVzqppl7HZn22CtY7uWERQyCleh57LfIrupUbFlRJfopNCtcr7ESmYzLrbCqMPy-JaZQjjIGw_Z9HocelisA8pF4Pvu7fT7geqTfZGyTeipPCHvKxTaYquB7R3IYtLuzWFSSLg7OGF2MiHWiQEFc&sig=Cg0ArKJSzNTWMnRdiv-CEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220427.48389&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtWG9KWrleknI8YNwaqJ2TV0n4Rd2eWderLGHnxVptfosShYpypM7mOJVcFXltegXs8cYuQ75kWQeaRO33yzm8yY7FmQ&cry=1&dbm_d=AKAmf-D9kIs-QoFMK5n9L48OFuoBfhcZWYJfgrzoEgUWq5LqC_TEGIqX7YLYYvJXLafhfiS9k5O7x4GHh_qZhlGhcDBR8VXittGsx7_YLL_3Y6bAUPkNvRaN9CM0s2bCX8o7mo3aed8xgGS3RQyORYbfqHUhGl_OrMYHh2bToaNDNPZxPb4R3UIYgWV8WYrnQpiyiI5hWo64sg_kiw7yQulgAOWXCMZYhD5j_rYgBGGiLHaYwxxRMFWP0hLq_gSSIuzaCCC4lSv_D0F4GUCVxa2ud3hOt3YCF8_cRoJBqZvjDXSdK0Bzk94Ayr3KAK8iY6JLTIRDpnonF4y0PCDyeGU4JuCVWJkWV43BDq5aiMNAO9lkRQcBFbukZ4XaEwtIGql4AwFHHitzwBXfjthcoslsNzZLiSIvgt66PH3fwV10DZJ5lObo04WzPoZD1DhgqIruNo8mLLjHTMLUySNarKgJZ4HcOxibLNJ6Z6rQzol8JqTiLgcOLXMfhfqPV_rTSEP_WgFgi8vPj2Nsm1qncp0DhSzdk_OoAh67AZQZgPP1IU-P7TP8aQt_83kgmtACUFxwhT8SXyY4yGvenZiOmJnPGrhu1JE0gMyYkKB6ZB-4VSamA4HJFcRff8zflnohB1_6OEiGt2FPdBdeANQX_mLscPxxtcFjgn4CneSuVXiM7M_bqDvPOdU0L0oqZoTGRyAOZUS59eHHTbfd9hnEYokOQ3QioYzrqRYfa4rsisHZu1ih50Xzg0UeHqG88V8NZWp3vznngPsOPrGMOQDkfYvMyDfg6vDbwZAcQYdJ6UcV933KrPzNSOmaSI8ozqQT8KYhukNrYtXuwl1obJtDl5Umk1pQff1yHwbIZ8ByMZZxrf_McEC4KyuzvF-713MFyHP7Qixq4M9FtNyWuRe3mUaA2c1Z6dlqlDT_abCH_bT_v80Mi00wr9Xn-zTUUfGyevhY7Wbq8S26lsx1NdMvYYm65upb2KhciQ-3Az0NAywBWxtfqSMWpTj22cGq8GnPkbAUthJE3IDWCoNnl8eYkzJ8qPGXJJhUeYFZRFJ82Lth0gUVlvbAM3Y17ShVsBlgnGuqJGRuSuK0OsqwDi0RLTwprV-ruZFU0AmO8Yqnu86esxoqU5NM8SqHjzWkvjUKfbDLf0EaaI3Uao4P7VJIa4ufl-yHmnnJQXqjVf_zl21xbMjGdZ8xkV12KIm7D2WwzixRHSEbUD33dueMU0TM_ylIOw6P6HfK1rkkKDAjJ14MI3Yv65iUC9ds2gFzVOwUGFqqpZjsGQ2uzeM6O6_Oo_pQO5jDjBTAauYdy_hivA9FFtN_m2puzKHIdg-FzwrRAwrH9VBPIWEVk99Ri2pOwGrxuqlwTZc3-9J08UGf-A5enxrBWd5ErSz4lNL4s1c-VP7-Rp97Rld9SGAUAlVZj7c8LqYodjawDFYeMkDnyERdoyBR2wA6g4NCT1Hf5RBlj3370I8c6SJw8GXY8Mr0RKOmu4huXMrUX8Y5AY0KDrkIjw9Z_Eh5ugTU1jiBYq1pCNH_nQeUv_iPvFP0W3EDWHDpAodtiwg2udSGG2MsTodbn6hFccTFwPasbVRMGxY0ARyo2Kwkc5l538vl1el8QbAlZMfT6Wu5Fy1yfQomIlMwNgrDPr64ZrosJ7Jno9cuZ-M8YXWfW7WL8UPQdgPWRKX10GfA8zGKttQHZmm4DXKX17BpSWomW0iq6h7S5XkOqr2gHmtAOJi2GLp0b3mirM_mZ2RB_3uDpa-PaB4WtA3q30gCE3vNsBr52kLHAnf_43hS8Euzvx3fJAocYVEog2WygHO6tS8har_ZS2zHIr2r2_6JMCiDzcHumfafEntoS5gm3Do1KHzxWLFbSdldryPIJrgFEfr_Sc-kHbGCKpNuUnm5QMBmBJmEguL_nNeu3XFtitip9dnjZfVJgCGxkXNnZp1FBckDkZKQ1jkUMjyJ7F_b5wLnymLxHQVSX91mOJF1on0c5Qg708dtWNeJz5Q18z1tA8q5dc0U2rdrdNmwi9bsBdOOzE4OLDfZGB7GU7YSdJHFj4l7sG8RJh37zrlK32SQpGKUUXYsdPqPREhPK0nrHDABAJLtgmZQTHQQhbs5TFygOHmNeZOD82m716w5WUgOFa3nlrvWGDWvtVm6x7AJadEoddB4J8M_-hqPUQxtaEU7JGF5ZjntgavW1xPB739AwLItd7n0xbKv7_IdDKtLmrFm9AZDH2JT-fbN5C-GRcTkyp3IQtjsUoLbCeV-uS8MZHckEnFHstrCAupXDP8Wl3XULbbDfGqHCpbLJr8f3c2-v8KEQK-jIO-GUFBWjcnEbLvIKxDVlvGXiia5HaM1YrT4uEun16Nk2FZjrzKx54YNQ6aVbr5GVcT6ZWegRDjPQaRTtSyh_YXM1ZK_3AXb3opzC37mm1LNQaqh4271ShISiFsVA5DhMdJgqG22rsavf9Zki1qMCxxMxQ2_7UbsaF-L-pJXma_kpXuIE6eXoEOWHGEBpZcnlbJnztHyLnLz6csNwr_GrW2Popx2KcnTSN4id1-uNFie0SjVP1TMrdzFQJwuJlQNwl6_iWO1eMp8_ym-OtC50hvzR-1ymaMCpK6HoEi5f9jzJGdIKteY3K8KKSJnuy4D96RrE-zJVGzpVSFfqdaamHdOnHg1gNiA5tXP95uiQoPMppFIMBYC7yDIwyOZFQzscFo_gQyTD4A_KBW5JOOw5BVDJO_nN6HgwgSwkCRZBqsqs-iMuEtLorQTsvbqWLFlGP6dV_4oLzIxIxSLNmtsXxDOnwOegMYGHq__odSyT3fe-kufuyW53PnYVVSfK-QuBcFrLOYLVM3xyT3SyfOgJxbVzATXaxz0K_ehvI8yZMOm918gJgZfwsn8ZIucupuyJlHXZOveSBXI3FvjqSZ0lORW-if1ncBpLM9VYmikJ88Rd7aPpjutWHC9AsaV_WZQLkAJjlXr1X1mHLp4HobgJQbHk3HxfjBO8TG7SN_MSXCobBmKlcDmQhVoX59Cd1DSGYjLaaxv-ukXRSm7YE_usyq3b5ijbx1f6s4eDLbWtxondEKbkHFJ9lRabjh-XLNFWEEtu3r64LWB2X8FFDz4ai3xS53_e0I9_EPZ-K_UgJTNkTfvmSuYfkhqL4bFa2JMKacsQxttDfvs5UFF-BApSM441duSphWiooKwpvln4R4t-dHjIFGrE6kUhPz4NWT7vTdBcwPclRr3iNufMxv73XtxtEJvlKFCN_gXvnZQcQCTmhSH03xPEMPlYFdIRD-ooX_Wk7X7ICEUwaf-1A9z9-FT-As3-3iamkokeIZ7VKdX_s1GsL3dJVR7K_nW&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 29 Apr 2022 09:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 37C0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtWG9KWrleknI8YNwaqJ2TV0n4Rd2eWderLGHnxVptfosShYpypM7mOJVcFXltegXs8cYuQ75kWQeaRO33yzm8yY7FmQ&cry=1&dbm_d=AKAmf-D9kIs-QoFMK5n9L48OFuoBfhcZWYJfgrzoEgUWq5LqC_TEGIqX7YLYYvJXLafhfiS9k5O7x4GHh_qZhlGhcDBR8VXittGsx7_YLL_3Y6bAUPkNvRaN9CM0s2bCX8o7mo3aed8xgGS3RQyORYbfqHUhGl_OrMYHh2bToaNDNPZxPb4R3UIYgWV8WYrnQpiyiI5hWo64sg_kiw7yQulgAOWXCMZYhD5j_rYgBGGiLHaYwxxRMFWP0hLq_gSSIuzaCCC4lSv_D0F4GUCVxa2ud3hOt3YCF8_cRoJBqZvjDXSdK0Bzk94Ayr3KAK8iY6JLTIRDpnonF4y0PCDyeGU4JuCVWJkWV43BDq5aiMNAO9lkRQcBFbukZ4XaEwtIGql4AwFHHitzwBXfjthcoslsNzZLiSIvgt66PH3fwV10DZJ5lObo04WzPoZD1DhgqIruNo8mLLjHTMLUySNarKgJZ4HcOxibLNJ6Z6rQzol8JqTiLgcOLXMfhfqPV_rTSEP_WgFgi8vPj2Nsm1qncp0DhSzdk_OoAh67AZQZgPP1IU-P7TP8aQt_83kgmtACUFxwhT8SXyY4yGvenZiOmJnPGrhu1JE0gMyYkKB6ZB-4VSamA4HJFcRff8zflnohB1_6OEiGt2FPdBdeANQX_mLscPxxtcFjgn4CneSuVXiM7M_bqDvPOdU0L0oqZoTGRyAOZUS59eHHTbfd9hnEYokOQ3QioYzrqRYfa4rsisHZu1ih50Xzg0UeHqG88V8NZWp3vznngPsOPrGMOQDkfYvMyDfg6vDbwZAcQYdJ6UcV933KrPzNSOmaSI8ozqQT8KYhukNrYtXuwl1obJtDl5Umk1pQff1yHwbIZ8ByMZZxrf_McEC4KyuzvF-713MFyHP7Qixq4M9FtNyWuRe3mUaA2c1Z6dlqlDT_abCH_bT_v80Mi00wr9Xn-zTUUfGyevhY7Wbq8S26lsx1NdMvYYm65upb2KhciQ-3Az0NAywBWxtfqSMWpTj22cGq8GnPkbAUthJE3IDWCoNnl8eYkzJ8qPGXJJhUeYFZRFJ82Lth0gUVlvbAM3Y17ShVsBlgnGuqJGRuSuK0OsqwDi0RLTwprV-ruZFU0AmO8Yqnu86esxoqU5NM8SqHjzWkvjUKfbDLf0EaaI3Uao4P7VJIa4ufl-yHmnnJQXqjVf_zl21xbMjGdZ8xkV12KIm7D2WwzixRHSEbUD33dueMU0TM_ylIOw6P6HfK1rkkKDAjJ14MI3Yv65iUC9ds2gFzVOwUGFqqpZjsGQ2uzeM6O6_Oo_pQO5jDjBTAauYdy_hivA9FFtN_m2puzKHIdg-FzwrRAwrH9VBPIWEVk99Ri2pOwGrxuqlwTZc3-9J08UGf-A5enxrBWd5ErSz4lNL4s1c-VP7-Rp97Rld9SGAUAlVZj7c8LqYodjawDFYeMkDnyERdoyBR2wA6g4NCT1Hf5RBlj3370I8c6SJw8GXY8Mr0RKOmu4huXMrUX8Y5AY0KDrkIjw9Z_Eh5ugTU1jiBYq1pCNH_nQeUv_iPvFP0W3EDWHDpAodtiwg2udSGG2MsTodbn6hFccTFwPasbVRMGxY0ARyo2Kwkc5l538vl1el8QbAlZMfT6Wu5Fy1yfQomIlMwNgrDPr64ZrosJ7Jno9cuZ-M8YXWfW7WL8UPQdgPWRKX10GfA8zGKttQHZmm4DXKX17BpSWomW0iq6h7S5XkOqr2gHmtAOJi2GLp0b3mirM_mZ2RB_3uDpa-PaB4WtA3q30gCE3vNsBr52kLHAnf_43hS8Euzvx3fJAocYVEog2WygHO6tS8har_ZS2zHIr2r2_6JMCiDzcHumfafEntoS5gm3Do1KHzxWLFbSdldryPIJrgFEfr_Sc-kHbGCKpNuUnm5QMBmBJmEguL_nNeu3XFtitip9dnjZfVJgCGxkXNnZp1FBckDkZKQ1jkUMjyJ7F_b5wLnymLxHQVSX91mOJF1on0c5Qg708dtWNeJz5Q18z1tA8q5dc0U2rdrdNmwi9bsBdOOzE4OLDfZGB7GU7YSdJHFj4l7sG8RJh37zrlK32SQpGKUUXYsdPqPREhPK0nrHDABAJLtgmZQTHQQhbs5TFygOHmNeZOD82m716w5WUgOFa3nlrvWGDWvtVm6x7AJadEoddB4J8M_-hqPUQxtaEU7JGF5ZjntgavW1xPB739AwLItd7n0xbKv7_IdDKtLmrFm9AZDH2JT-fbN5C-GRcTkyp3IQtjsUoLbCeV-uS8MZHckEnFHstrCAupXDP8Wl3XULbbDfGqHCpbLJr8f3c2-v8KEQK-jIO-GUFBWjcnEbLvIKxDVlvGXiia5HaM1YrT4uEun16Nk2FZjrzKx54YNQ6aVbr5GVcT6ZWegRDjPQaRTtSyh_YXM1ZK_3AXb3opzC37mm1LNQaqh4271ShISiFsVA5DhMdJgqG22rsavf9Zki1qMCxxMxQ2_7UbsaF-L-pJXma_kpXuIE6eXoEOWHGEBpZcnlbJnztHyLnLz6csNwr_GrW2Popx2KcnTSN4id1-uNFie0SjVP1TMrdzFQJwuJlQNwl6_iWO1eMp8_ym-OtC50hvzR-1ymaMCpK6HoEi5f9jzJGdIKteY3K8KKSJnuy4D96RrE-zJVGzpVSFfqdaamHdOnHg1gNiA5tXP95uiQoPMppFIMBYC7yDIwyOZFQzscFo_gQyTD4A_KBW5JOOw5BVDJO_nN6HgwgSwkCRZBqsqs-iMuEtLorQTsvbqWLFlGP6dV_4oLzIxIxSLNmtsXxDOnwOegMYGHq__odSyT3fe-kufuyW53PnYVVSfK-QuBcFrLOYLVM3xyT3SyfOgJxbVzATXaxz0K_ehvI8yZMOm918gJgZfwsn8ZIucupuyJlHXZOveSBXI3FvjqSZ0lORW-if1ncBpLM9VYmikJ88Rd7aPpjutWHC9AsaV_WZQLkAJjlXr1X1mHLp4HobgJQbHk3HxfjBO8TG7SN_MSXCobBmKlcDmQhVoX59Cd1DSGYjLaaxv-ukXRSm7YE_usyq3b5ijbx1f6s4eDLbWtxondEKbkHFJ9lRabjh-XLNFWEEtu3r64LWB2X8FFDz4ai3xS53_e0I9_EPZ-K_UgJTNkTfvmSuYfkhqL4bFa2JMKacsQxttDfvs5UFF-BApSM441duSphWiooKwpvln4R4t-dHjIFGrE6kUhPz4NWT7vTdBcwPclRr3iNufMxv73XtxtEJvlKFCN_gXvnZQcQCTmhSH03xPEMPlYFdIRD-ooX_Wk7X7ICEUwaf-1A9z9-FT-As3-3iamkokeIZ7VKdX_s1GsL3dJVR7K_nW&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
8004337442899602333
s0.2mdn.net/simgad/ Frame 37C0 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8004337442899602333
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c537635933bdb109235be95c56082b22bbb4e17e2b618cbb4ad7d783a807de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 13:16:48 GMT
x-content-type-options
nosniff
age
332307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22975
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 08:54:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 13:16:48 GMT
all
csm.eu.criteo.net/ Frame 1D71 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=tkEF4CCe63pgJS8m3v-wxwCkFa91hA9_5e2Fo9YVS6IBwb0kmTod2ZDCWkC7MgZ656jKQ2u8jsRxGvnq1i8RU6IBkYwkGdYm5e9BW91QqD5T-WN7QggXKTnMg-wL4NTfoA7YviKDHOvy2g6WRXpRp2UqDmHgKjUzRYIKiSUfmq5gqUwG973LswdUdnunupoc_JZCJ8OLPe4k56GiioOX33JtPDdvsRs1zdBsoNaofPuZ2s2QmYGloUTnlZKzeNryBslOn-P0-XVqXIzd&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1D71 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1D71 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlgIu_1TAA_mI7qrN9Y_ukA8rot-rQ&u=%7CzTp3kVNQobBzwbEtTGqAp4dMG7XgnQLhiBe0jVjwCpw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdgbhHCq5nd1Ut8AA593fWnMo4JbnJ3iLElszPy-7Yvw82zKbzagfikWFik4hib1LDXJ3CcA3Dk5gq1c3yqehXemzZPTs1jAX3Vq3Fowu_6g_ld1ATw33oNUgBqQfGH4RUN_xElwWGSygTeMDQW3R98b672C8xgyPZTpsFjjqJm4JgzHw6rCRx0xui0mgF_b39b_T6Yh9MJK-GB8HlBEnVepCMkWC5W916UBgwpDgyM9uSJK9svrzy18u5Q-w65QXXWip56CqgcvBldOC9roC3-82Oeh-258J6SZgZY5rFpGHopGEwJqO4Xe7zL8sCeKly8YQR6r1R6W9KoowoLhAZBDfAjU-gP6oeX7o1cbiBj_P7_khSVj4wPxvp6A8fvKOFg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__y0TrFrYtjMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9APjnZUphhybTMx4ctvcGwr2S2q8KB87i6IkaBnunCE3NtajwkGokv0FsgL9hxGZgR5PTRFjtgtdlthDvd9eLKJsguOWml4FP7E40LP71BOtrRqSTbvDMcZ4Fyuqh86d2D6p10loMWWAyElr0KtBJoJnGuWTtGjshTUbOcc--TAjgWh9d-Il4eeNGP_MjG3qWIJT2PtyH4Zu0SmlS2hYnPMiyM_g_VRA-3RKA8Ij7PjugOf5mSniK2-DkW7Ol55bB9JTfCS8OznP3BdBF6I377NgM9AfR-wuFPFThcu0jBQ7k3-bmG21sbwg98LzvuZqTnIIVmPpsATNwzerNzLGM7lZ-WmPHbmDc7gBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhA_HoOjn_B0pfGRLtRDR4cfKEg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
all
csm.eu.criteo.net/ Frame D063 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=uAGUpCCe63pgJS8mTFgcf1rbmnFaZoLtvicwa73KERerQnW6TlS9amH9V8tcMZ2f7OGiJfmwHqzYjn1KNmRFIcAWmNIdHTieaw09CKuM6uC7YvCZBkEs_dtKV8Y3ejv9bU6zV9lvbMJiUXN3xt4d-PCBgGSDUWVYx-S2JCvs030VRQKaM2wffcaaREndTmLkSqwzWjtRxFna8R_RL-50zZDxJeE42tr2IFiMm-5cBxf0o8EuoVFwqtxarPwW_avzXlOtD6wo6y1KU6Cb&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D063 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D063 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlYIu_1TAA_mI_Fu2FqZZLwwtzlDXA&u=%7CzTp3kVNQobA7KSPq5JJ0BNpvENGD5z%2BzvSpEconUcIg%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdk6CJzhjh6Fnec1oKLdeDn3nEXPbRtT1xc9UdPgszQ9h2REdlZQ3Itm62cG7dhjthD3at5zAUtw1upsCRYKAnhpUkmb_HqYnTKsI5Be1Ei2a3S3Mzh2Ovy5Wf9Z7yv4UaEJWLP-cM29TVDFlRD2xNeYdIwql2CkkeWkaAFKenXzbLEV7bSBi_2_zNUloOk2cpAos3H3NGg6XW3U9IeoAq1_eAt0a8sBYc6GkZJHvUMg2x9K536smOkNkb1GFloUIX4TO6mj65rh17FnOV6BzBhYLH5nDkN5Dg5p9moeGxWDN_EFhHQyeRQ3eCfyarK0wk7NItlbSDzPuhsejIyh3iwKUWJlqISW5YyYILjek6QVOzLdS_Cer5I6NHRSVfwjo5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp3suTrFrYtbMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9D77uA2nkm8JiJ7am-OqWbe7YOdFPepYsFPqM2bM-JBpLZpJ799C7ZN5LNPsP6GIVMcjZ7ydrSc3p5PNyKPwm2hSzug-n1ewiM1Xv23mB-s0kxboLQAfnfD_zpnzFEV_luK4UagwI8bZ7x-X2dniXbGCtpWXJ6w3fTXXHraNtzKXvPdULMx8zceEACjDIXrgIYY9dNwLbSUaX1njE2xvZjgm48Np7lNOyYT6kgl60-V3RmMz8u8ZJKWWZHeQZRdE1tLwdRES10-YpxHCParq72K-XpXAhtUCwtYFtFm-tFbWZEJimh2pFP7RS5WjDR6grPE-FSxU_r7llF_Evx2KZCLoWhD5zWo8QjgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QAoEBFiwHTwTw3Njis6IhGyY9lw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
img
pix.eu.criteo.net/img/ Frame 4E94 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40652&q=80&r=0&u=http%3A%2F%2Fwww.broraonline.com%2Fuk%2F..%2Fmedia%2Fcatalog%2Fproduct%2Fw%2Fp%2Fwpc775_e4206_1_1.jpg&v=3&w=400&s=CR90sZxRfZ2y7r4Ov8kwwk_6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bc111dcc5642aefd4f46aba66a155da8754233b1188d06e119e6bcff1a5d79ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10146
expires
Mon, 24 Apr 2023 09:35:15 GMT
all
csm.eu.criteo.net/ Frame 4E94 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fRC3RiCe63pgJS8mzm0cqsyVMG350J6XqNz1lEJXg2CQmval4AZtkekCz_MmvEchMTA9aKT2_VZK2uvyqJyLRrgu5wmtlS5qLDJ6bCR51KV_lui8ma5jYqdjvB_kiCYPFtuUOuaZblaGnEHuUeovTZp9s-TSF_yqYMYvJjV_D1-OKtVdamQHtoR4MvpxxBBX6lIzcFfQdDVsXChl4ZVkij9C3TTWCJn9SFz6B7lgKmCw7u8fmPL9UyfRBR9j5Msu37KhyyHVsyg6WG6r&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4E94 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4E94 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 09:35:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7FDE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
99045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
token
eua.instiengage.com/v1/auth/ Frame 7EBC 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
10506d1f1da8a74b2f5e38e95866f9c415e72a980d4d4ea75a3ccfaeeac50daf

Request headers

Referer
https://auth.instiengage.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Fri, 29 Apr 2022 09:35:15 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Fri, 29 Apr 2022 09:35:15 GMT
vary
Origin
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Fri, 29 Apr 2022 09:35:15 GMT
vary
Origin
token
eua.instiengage.com/v1/auth/ Frame 48CE 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
2bf6486ab76fc6be7797b5810b256e35b847c75bc66d9b1abaf243aac3abe105

Request headers

Referer
https://auth.instiengage.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Fri, 29 Apr 2022 09:35:15 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
truncated
/ Frame 87C2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d886bf499b8ec0fb3aae648c618393a9103c9fcd5fda682a15a1e31f2ad1254

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 3108 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukd0FpNiqc0w3_qIKOWvv6gBMYJz_G7sFnGjogat_AeW09MCz6gxdC-NJTGjAR7DgODPT2geBGv5K_kbi4MjiyEo9rO7wNmkcQOUoN-6T-psxneCLpvcdoLslIftZ_6S9L_alU4yuARFDaLtYYf2YRPsuObekRgnWIfcbDhgjsW26KWA1JARxL1b1dVmypJF62R375kexhyl7vPeU2h74wR0PEQ7f6e0fO-zRr5LoeZY4OPAvitnNVSB5MHl27cP9Qcxa2ucIkr5QC3d99sVshW0peMJc3oqbo8glsuxiOwzv5Yq70winLlKcJYKF4ijtLGzcM3EtbOdJzFwNzC76tM-6T8ASZaGn15sP1-BThHSi-3B2YyIUzKX3AuJZDYItFNr3OSTgahcPCDoboDr-Tl_in2iw8SUQpd_Nppc-BKa5GMcmYBMueC_xEFJD3DpGlWYA2s961ToeMhCmXfKTZI3_slf9MPhXWJbz_Tq64incAqmcGcZnH-Z7iLRYQ226VOd77CxrtfaLI_6J0m1osSLbJNW86ib-t4KNj0m-xLoYbCagFGC8c138VL1EGezk1LBixsbJ9u7yXx55Avd_IfrH67NF6jDoE2LnvGvsVoP2uA1Ps1772V9Ae9zMtswR5704tvwQ82LudLnzjhjcSVwqXzNDIEVzR7V2soZDiwmOamKO7Qq74Ywbx2bq4koUzR7io1Mi40t6zHvjv8sIkKgMWS7d_VOITDTR41dZxAsv9vuldTH5YnEithDJC9vbnF3GpPs_sXF9CUiGDZ54MmtLLRj7V_P6Usxnxm21T5hlxm2BPlatYDe5dLnvfYpgtEF6aw3T7Mb2GqeBQInugRfRD-BOTpMgag5bkl5czoGqRJrkWdBmt-QVrHRNFuyp8whPfmN_J7Q7Tu9cZf8iIxeXjAPEndzO3-y-zKlbtpgx_xmEmNB9VjgG7rN4ozaKabARrCXvSjcMLdNCw8OONB2iGniu7hh6myRKemx3ojlJR2KUffCyZZNLtdw0I0lg22N0_h0kp81dFsZ31WENEh7Rd8sn0_jPmS8T8fLVkpH4XNJ7Aw5N99zoH6XQ87IBFrYR_tuNoVriyFBuWHSyBeEDJMmLbDTd_XYPWW3Jz9jK2Bk4xQPem2A6QfUYGqnioIcygSgQpbakxZ9YgRb-Bp-7gawM_3df5N1E9ZoBBkxiCm0BoD1UG8qwToKxFjAQVhxBdskbJ6IMOPOY6-2rCRzIy5g9Zmz942MBNwVHDS2udUzjT-fEhZhIBWgC2qFSAvtgdMa9tHOCf1orqkfpprdupR0Ak_CWfNbLKQ-pV1kQRbuZ6&sai=AMfl-YQmgeOAYdqwcbZ2r6NUajcENKgf6XwCI6q5-EzBix5i8eTeRKaGk-h5eBeZ_a889x6Blk1G1siwlXpdAU47XaZ0k2Nslk6HLrBeH6gXdkMOMv6an5HtKK6qIz4jWMhjUBUvJlRgk3ZwVrSZ0OlFGiqpGfRHKWieKYsH5Ipg2wHjgRb6IYq-epNtSEhE8kP7jwfutqOpSzdagqG_e2iO92kWR2S1qQY8S84IJ6kvbVuI_0wSaQ&sig=Cg0ArKJSzGBvHgGYJfJjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=524&vt=11&dtpt=523&dett=2&cstd=0&cisv=r20220427.22071&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-NH_Hb7jfVcuPGuUlBcBhKdR9B2mkZGNMyVnnzHM0w1trDRBJLDwByA3FTyULxPA2djSbtdu-V8HjGqbuQuhD82La8Q&cry=1&dbm_d=AKAmf-AV0hpkJUecEa8vADD-SPALvotp-5VyEpw8lV6b743tCX-JTi3xq9umZ3FKh-ri0cUz80m9v7rTvCRufOQJ_49Jz3WfDRNFVl4ogqGf5JwBP5BKAraV-UZ7z36FtedC_Dp_Yvpeome-sX_J5fsAh24ajASMxNPWN7pN5nk9-8zSMcVaX0_Wj8xBq6esLDXXa8PNVqArHAFpuGH2MCccjAMY7MHZU4xyBYPzVgdoPpguwj0Cjl6VLG1KFAACdCq7oRcGN9mFOMFMfv_ahWq_d18aiIrgcecb8eB_7Tv9sAxaY5iX9SnEQtm8AI6xahjiyN6su2p7RX5jmzbn3TjoL4tjoOwQUTGekTXJTiiu8yQQka63UXAwFLDqTpVhxfNkOGbkHfHQcZFHOEh6jUfn3q24KBVOJaYHUKYchJRuFvjn1gEpvLZ1MABJyLK8q4cw5qUupIViOExNrq9pTXVVoq0CVfOigFvnFdLK2alfCBSKus_7b_62EzotN5PE0ZXYUmRpaU35gR20XM6PARc1BI7D-s95o_DXeZla6v4VYhUsIFnS-GMwaT-Wc4leZY1UbRqCQ-PH9nF4F0jQJ96VmEogjxdmaoigPbE7Q3FoUfK6hNUcgU54cZDvPbZrg0Ixxu0-aLfWVaU2g5CuDtGiUlphgy1nHqog5ZW5dKD8lgNHAIfNnmTbu-0rHCwzvvPDCRUPwnAnC25A1bl0iSMAzdYBPJQrDnFGI-utVlMqPVXH3ISxmfMf9zYpRNElESdysGoPXDcnaJO9HZbFx-HpZGftMhMEkdXGrXWMCjwgH7AmL5e07u02obahZxvZR4iol_mcElMAVlCuBY5AH5SbjlJ0qdGKILForME7B0KQajzVExHpXWa8iB30KeN1_FylD9iTCjea5-dSxSOfAV17CdrY-2EETwGLACm1mEROqu6FIBEDxWd5ryLaS-jo7cx1sTUH4_7BFG0u2htH2z4fWn7UJcmCSdtGPqeBArEkbkeicRRC_TAkbYrCaPSOB_-KI_i7PkKO9tg1WRPZUAYq8DmXNsLoYaewAI0Em1U5K-EMSsZ_a0dSvMRisqOiWrdSotYHBVhy13VDDDGptSlCzOZjzLvKKZ9Q9Mu5FUOTzxq_YRTqkfJPoCoHcIYkXmPo-vGyo4MyHnvsizDSzbjhtdGEEpNsurcLUBudDnYQkoGpBx22AqOfEkSAjpq8QSIkb7pQpY0Jt_YX8yp__U0KTOhkJqd9GNMJOdXvjiOWmamAzmBhh0gdniwDV-7PvuPPf5PejNhG_3Rif-2DCwjE5BqHIUgB3qN0RGdR0iUZjS1rLT3isaTfHJXzkZC3_pxOOJKit0wAtBYcnyttIupOVnJiwbTszNg7uhIS5rMzimxZ5wVY3w9-d1DFO_4pJv1inzVfrd0KXR3DhmH5IOQT6b6n1moiJFeloJN0xWlCZIP5gZsSLKGtBCcTR_s0ERbIToWltX21RVI19drhAFVqo43ieSLsEiNqUEsTghSZ232OIvChzz5uP5aKbPjMi6ilXIOqm0b1kkLhlheoqBuW7jSpabgmVFJ6N6KGoH7OLCTvvsUVAABaSK7gQlPN9OaasZuLgGKZI797SUeGLMfn6KVRiKe0LSWIexsqAYeoDJh0eG0KMdA34NR77ihp3L5sN1i3yYWgXZi9uwEveRLyxlXlMssGUrkdoqH1hUdwySUJfslLTdmd9VHuvi70_e8B8tnKkfLCaY8uPEN8SvUQDzs3vO-fFgqa8XCx_al2_eyP6R7Gr2jtCEMuL9a3rAerY4q8X9zmAE1-htNj62SSAgJmLV8Dc672yere1oPy6jKENbSl8EUTqNCmCW0kvD3QgQUA1-avOlt_42s2uSqHV1xpjtWTEizQPF4XmlmdySsdVmCmwZ0XbHFs4NuDb7AURzuHLGEmdoJaCyrLtNcygaT97U4e8QYrwkrNkwnxzOMqoD8eEzXaWO1vwawNNbGxB_eE3P3K4YSQn14IQxTKkAWJT2J14X5ifVHS8ZVvnu_f9aPFWaqYomqfaxum3N1R4sd-9lQjRcv6VAbIeNpUQR7NEhhA_cdKIp4OiOGjRZikOi8wlFJX2efACRfrFJxVbxGRdWe-Tt8DDxciPV-BlNBzGWOHOydPwKzkB98SDazBumMw7tDD8Orcw79rpn3JJp-AeiSQlEV9ABdWcV3vA_6ERYN3HR6DR-kvtq85xKmp3FveN8lVjqgjickinvUenz-KWm5vTqCp4MVwJc05Eaqzl_xSK8YM9qKzA4-2hyTTIOXEGeYAeW6ymW2mvGZRr8CQwPVyB908QyUISVHpPtX7GjjW7VQ0SFBWruIqKAJCiGKN94tRO-grnV_TtNnFeGrklSQgKYe6xemOMebPq0mJyup4EQ_smgI4_aOn2j279mU7AarlncR5fdEhJ5QIFg1oFPfMh_lXjxdGHAbrmx_1UGaXeKJibnXHxO7pGAXLBPJjuPSvYWxagXXntc3wwoBwT443ui4i81Q1YdB9g5W6GRHz-nJ-XAiiyDgwGIKAaraIVquG7mtAqmHyKIp7M3wGqt7PmkqdYEQZrDYGBcCgxUhGt9g1R9xQDyI83Tx5u64if9JO6_L3EUbIUFHwOo-Ivi-381rquV4RgRREpQ3Ibi7zJwFLvS1yTiW6MyyLYIyVE5SooeCDmd3HiFwD6Kc43PA_W_WA3pLfe53pZXDXWXb9Vaa3zjNt1oB2rvNq9tLH0uLUePcL5BKMlaRuSxVsjtLaaLuXc3IGtWtvl4hxxbXbARsYPetv5EH4_xp5tLViSc2u_yZbFw4yonJl10TP1qlKEdKPF38QTWJyrCqdJsmaY6BlPUuYhtrIVd3ihNrnTeFeTBAmRZw3MKWWnd2fCEpNF5ecqY4XjoB6C0uqnoWEf_64dAxVJS7uICGrg5YA-ofusSbqg2VUbUVUjYprT9f9Jil3EGW5UVTmPSFM2diMA2Ov5AurnswozAWCkuqxueMd2MwgItrgPNE7YTG9AgTrH8zy1FySUXE0afWDWXTImv21g6cCrRRZhLvUeor5ZCO6c3eYUPLFoiW-1j_8R7a0RPR5YSO4EUXbBU44V7-8FiSDCDflBJ2V3BcDXpW0YFIeTYjzXvej3eL6IscMhfcxy1YCcEHma3F_JGc58oMiOTwq5eDfi1N9-LXK1mHqtiE&cid=CAASJeRoaAwZcCwgIMrB9_s0GMnBkARskRn7fhD7Tnn4xLu2-yC9xaM&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 2EAC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 09:33:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 37C0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuo-Cs6jOJ10XOQDVqZCdl1cDzqnZJz0S1vZCpyCquxptLJ3WX679N1mywvGWawDWVE-UNIRf8f4W0uvrr0hah9ri5h3TYarSwQAp7Yqn8Q-wvQyFG-BQLu4B_NtkxgK468eBYtVABeRZBr7ziX81_Bgt8yLarz6qnD-OIyb7Ai4i7MbCdAJUlbBrso6icu81uVb_ic4vDGI7Qe-bn9wl6PjeGsx66F4pmXpw93Z6HN1COGc8z38hlRMGkk8KK8uCZF3HF7bvpeHDsOTweHl6wUOt0XLInGRr1sMiiODgSGQTtB8HxviFPrrKYZqjwre5KoygpoWVCOZ2Lg9jD8HI58452FWiEIOzbZzNk5GSP05Ef_QGY64CYN6zkRoUS_UxQReJ0FlyIF88SlyyY0SKlQsD25CQP3XuiQs9jCgIzNDYiwfjfmQgLFLaCEVBbD6kzolyD-LoJX5CIjzXWjBYxvAy085wMzeHwAdvfjwCjKxUfYl1O0bPFSTaqE6xTWOT4uqmbFbI1CmG3ZyIqIxsaeFfePj2pLmKIH7q6UtheqTqL_liAp8wTAKhzROYJeY0Y-YPwhXxurgsv7FGuIObYzO9JwjGvaLZy1_tWt8eZHpX3mSRipfAfPn_4FSZouq7JCE9DerBRKnJVwoF5Il7CGBXj5uEiQnY62Oyb7HWTSbJy8_JaLScQpGbpzItEMV1GtDQRURZSHQj2BUf8jvvl5KhE2DqPT99HTXJMIn03DrSqwSz-6bWp0CUdYpuKaO8qiNWefn_M2uA5w4UY-3HNz4TttJnYJW1nGqoXD-ygR_7hY138j4YpuR8orIYQAmt7FHC5cAPtUc8ReEDT2BMtOYgo5lG_IBtsX7JnBbdB5oTQlY2-J1hrJA7lL7gtvlvjzZUyCLrqELJzx0Q2i19U67oYVcZQPAukzttjACbmCCyiLJl_9eKe-UrCJaY6gKbzCdseHpnncHBpa12xnT84QZxg6eo34ShpEzbc7NcUS82Vz41hCi5hr63uhFyvT3ilBMEQwlbUHUllCevzGPqKQR2JfTV011J6Uva8yznkCrV7wv800_9skKbcqgSsMECd5a9dVUfxDtXpW8z8_yuP8Fz3cNsuBHd68TJ0vWvWfBESqF_HBFviGFJg7Mie-Ci1PMmxdReb6ve9P4bqVso5oan9-n5BmXX7ELFADQWiBrZ2W6ouSTJvcaf8qR4SMM-i8j7XtpZePGyV-iNSV3A&sai=AMfl-YT9fTKbqAPJsT7GkmFuKe36OjKSJTvnOphTETgQAL3Z0OzezgmwvfF9yNOx5qM7vgloP0auBs6JwXGW9QCXXQa3XqJFywNxA-owN20u2CX3SqcDKUI018HpVzqppl7HZn22CtY7uWERQyCleh57LfIrupUbFlRJfopNCtcr7ESmYzLrbCqMPy-JaZQjjIGw_Z9HocelisA8pF4Pvu7fT7geqTfZGyTeipPCHvKxTaYquB7R3IYtLuzWFSSLg7OGF2MiHWiQEFc&sig=Cg0ArKJSzNTWMnRdiv-CEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&vt=11&dtpt=313&dett=2&cstd=0&cisv=r20220427.48389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtWG9KWrleknI8YNwaqJ2TV0n4Rd2eWderLGHnxVptfosShYpypM7mOJVcFXltegXs8cYuQ75kWQeaRO33yzm8yY7FmQ&cry=1&dbm_d=AKAmf-D9kIs-QoFMK5n9L48OFuoBfhcZWYJfgrzoEgUWq5LqC_TEGIqX7YLYYvJXLafhfiS9k5O7x4GHh_qZhlGhcDBR8VXittGsx7_YLL_3Y6bAUPkNvRaN9CM0s2bCX8o7mo3aed8xgGS3RQyORYbfqHUhGl_OrMYHh2bToaNDNPZxPb4R3UIYgWV8WYrnQpiyiI5hWo64sg_kiw7yQulgAOWXCMZYhD5j_rYgBGGiLHaYwxxRMFWP0hLq_gSSIuzaCCC4lSv_D0F4GUCVxa2ud3hOt3YCF8_cRoJBqZvjDXSdK0Bzk94Ayr3KAK8iY6JLTIRDpnonF4y0PCDyeGU4JuCVWJkWV43BDq5aiMNAO9lkRQcBFbukZ4XaEwtIGql4AwFHHitzwBXfjthcoslsNzZLiSIvgt66PH3fwV10DZJ5lObo04WzPoZD1DhgqIruNo8mLLjHTMLUySNarKgJZ4HcOxibLNJ6Z6rQzol8JqTiLgcOLXMfhfqPV_rTSEP_WgFgi8vPj2Nsm1qncp0DhSzdk_OoAh67AZQZgPP1IU-P7TP8aQt_83kgmtACUFxwhT8SXyY4yGvenZiOmJnPGrhu1JE0gMyYkKB6ZB-4VSamA4HJFcRff8zflnohB1_6OEiGt2FPdBdeANQX_mLscPxxtcFjgn4CneSuVXiM7M_bqDvPOdU0L0oqZoTGRyAOZUS59eHHTbfd9hnEYokOQ3QioYzrqRYfa4rsisHZu1ih50Xzg0UeHqG88V8NZWp3vznngPsOPrGMOQDkfYvMyDfg6vDbwZAcQYdJ6UcV933KrPzNSOmaSI8ozqQT8KYhukNrYtXuwl1obJtDl5Umk1pQff1yHwbIZ8ByMZZxrf_McEC4KyuzvF-713MFyHP7Qixq4M9FtNyWuRe3mUaA2c1Z6dlqlDT_abCH_bT_v80Mi00wr9Xn-zTUUfGyevhY7Wbq8S26lsx1NdMvYYm65upb2KhciQ-3Az0NAywBWxtfqSMWpTj22cGq8GnPkbAUthJE3IDWCoNnl8eYkzJ8qPGXJJhUeYFZRFJ82Lth0gUVlvbAM3Y17ShVsBlgnGuqJGRuSuK0OsqwDi0RLTwprV-ruZFU0AmO8Yqnu86esxoqU5NM8SqHjzWkvjUKfbDLf0EaaI3Uao4P7VJIa4ufl-yHmnnJQXqjVf_zl21xbMjGdZ8xkV12KIm7D2WwzixRHSEbUD33dueMU0TM_ylIOw6P6HfK1rkkKDAjJ14MI3Yv65iUC9ds2gFzVOwUGFqqpZjsGQ2uzeM6O6_Oo_pQO5jDjBTAauYdy_hivA9FFtN_m2puzKHIdg-FzwrRAwrH9VBPIWEVk99Ri2pOwGrxuqlwTZc3-9J08UGf-A5enxrBWd5ErSz4lNL4s1c-VP7-Rp97Rld9SGAUAlVZj7c8LqYodjawDFYeMkDnyERdoyBR2wA6g4NCT1Hf5RBlj3370I8c6SJw8GXY8Mr0RKOmu4huXMrUX8Y5AY0KDrkIjw9Z_Eh5ugTU1jiBYq1pCNH_nQeUv_iPvFP0W3EDWHDpAodtiwg2udSGG2MsTodbn6hFccTFwPasbVRMGxY0ARyo2Kwkc5l538vl1el8QbAlZMfT6Wu5Fy1yfQomIlMwNgrDPr64ZrosJ7Jno9cuZ-M8YXWfW7WL8UPQdgPWRKX10GfA8zGKttQHZmm4DXKX17BpSWomW0iq6h7S5XkOqr2gHmtAOJi2GLp0b3mirM_mZ2RB_3uDpa-PaB4WtA3q30gCE3vNsBr52kLHAnf_43hS8Euzvx3fJAocYVEog2WygHO6tS8har_ZS2zHIr2r2_6JMCiDzcHumfafEntoS5gm3Do1KHzxWLFbSdldryPIJrgFEfr_Sc-kHbGCKpNuUnm5QMBmBJmEguL_nNeu3XFtitip9dnjZfVJgCGxkXNnZp1FBckDkZKQ1jkUMjyJ7F_b5wLnymLxHQVSX91mOJF1on0c5Qg708dtWNeJz5Q18z1tA8q5dc0U2rdrdNmwi9bsBdOOzE4OLDfZGB7GU7YSdJHFj4l7sG8RJh37zrlK32SQpGKUUXYsdPqPREhPK0nrHDABAJLtgmZQTHQQhbs5TFygOHmNeZOD82m716w5WUgOFa3nlrvWGDWvtVm6x7AJadEoddB4J8M_-hqPUQxtaEU7JGF5ZjntgavW1xPB739AwLItd7n0xbKv7_IdDKtLmrFm9AZDH2JT-fbN5C-GRcTkyp3IQtjsUoLbCeV-uS8MZHckEnFHstrCAupXDP8Wl3XULbbDfGqHCpbLJr8f3c2-v8KEQK-jIO-GUFBWjcnEbLvIKxDVlvGXiia5HaM1YrT4uEun16Nk2FZjrzKx54YNQ6aVbr5GVcT6ZWegRDjPQaRTtSyh_YXM1ZK_3AXb3opzC37mm1LNQaqh4271ShISiFsVA5DhMdJgqG22rsavf9Zki1qMCxxMxQ2_7UbsaF-L-pJXma_kpXuIE6eXoEOWHGEBpZcnlbJnztHyLnLz6csNwr_GrW2Popx2KcnTSN4id1-uNFie0SjVP1TMrdzFQJwuJlQNwl6_iWO1eMp8_ym-OtC50hvzR-1ymaMCpK6HoEi5f9jzJGdIKteY3K8KKSJnuy4D96RrE-zJVGzpVSFfqdaamHdOnHg1gNiA5tXP95uiQoPMppFIMBYC7yDIwyOZFQzscFo_gQyTD4A_KBW5JOOw5BVDJO_nN6HgwgSwkCRZBqsqs-iMuEtLorQTsvbqWLFlGP6dV_4oLzIxIxSLNmtsXxDOnwOegMYGHq__odSyT3fe-kufuyW53PnYVVSfK-QuBcFrLOYLVM3xyT3SyfOgJxbVzATXaxz0K_ehvI8yZMOm918gJgZfwsn8ZIucupuyJlHXZOveSBXI3FvjqSZ0lORW-if1ncBpLM9VYmikJ88Rd7aPpjutWHC9AsaV_WZQLkAJjlXr1X1mHLp4HobgJQbHk3HxfjBO8TG7SN_MSXCobBmKlcDmQhVoX59Cd1DSGYjLaaxv-ukXRSm7YE_usyq3b5ijbx1f6s4eDLbWtxondEKbkHFJ9lRabjh-XLNFWEEtu3r64LWB2X8FFDz4ai3xS53_e0I9_EPZ-K_UgJTNkTfvmSuYfkhqL4bFa2JMKacsQxttDfvs5UFF-BApSM441duSphWiooKwpvln4R4t-dHjIFGrE6kUhPz4NWT7vTdBcwPclRr3iNufMxv73XtxtEJvlKFCN_gXvnZQcQCTmhSH03xPEMPlYFdIRD-ooX_Wk7X7ICEUwaf-1A9z9-FT-As3-3iamkokeIZ7VKdX_s1GsL3dJVR7K_nW&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F949 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
13291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Sat, 30 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 271E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 09:33:35 GMT
truncated
/ Frame 3108 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d05e043b5c85e5938506c0f498705cce97b5e2d8652f53925b03f210786f6dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/ Frame 5E3B 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:15 GMT
Content-Encoding
gzip
Age
454
X-Cache
HIT
Connection
keep-alive
Content-Length
62095
x-amz-id-2
Q1FwX3P+hehSVQ9dDk70PkvYp+yVV0IYn7DIpcgPYlb2DVZzOliMPX/ECV+/ARXMlyTJH8JkWdg=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Tue, 26 Apr 2022 13:52:54 GMT
Server
AmazonS3
X-Timer
S1651224916.859366,VS0,VE0
ETag
"50304451ea6cf0b5d1ffef391681a6b2"
x-amz-request-id
4XG7YQKXX066V7P6
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
473
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=7O7MSF8zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29JUURUVDBxbTlNcmFVNE1yV1hub3VuVEpJaFVoYVhReDNPN0NMMnRRQk1xQjN4ZXFhVzc2a3I4JTJGdEdjcVZMTkVGVjJjQW00ZG0zR3IxbkQxVFZCZGxOSklneExLMFdvT0dLMVZQSW56ZFlx&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Apr 2022 09:35:15 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1212
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3222
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=7O7MSF8zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29JUURUVDBxbTlNcmFVNE1yV1h...
  • https://mug.criteo.com/sid?cpp=0l-Sx3x0OEQzc1M3ZStmYUpFOEl0SklmUkdwUVA0N0Y5TVdkaVlkcEJFQUhZRVRLUFdpclZyaGZCdVBGWDFLdGQ4S3dGVk5pbXZVeWlzR1JHQndTVG9JM2ZrUSt3UkdLRXJHS0tQaFBJSW9BcFlObzFpT1BMY0drekpHOU...
355 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0l-Sx3x0OEQzc1M3ZStmYUpFOEl0SklmUkdwUVA0N0Y5TVdkaVlkcEJFQUhZRVRLUFdpclZyaGZCdVBGWDFLdGQ4S3dGVk5pbXZVeWlzR1JHQndTVG9JM2ZrUSt3UkdLRXJHS0tQaFBJSW9BcFlObzFpT1BMY0drekpHOUpjZjhhU1lVbVRmbitCMDcvUEhSSUM4VEovVGNnTithYVlmZWZZb1pjSnJONU5UOFROZFhOUUl1czgydlpHMTI3QnJ4MUZSbmtoWW5XMXlVZlp2bGVTVThYRHdtUEZJSUcveng3bTZvVWxhT3hMNXNuVHI4LzdwMHh6TTFKMjN2U3lJd1JNNElafA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d95ea93159f388c7cd3432cc02ccd0a9b11b12427e42f31783f2ddfa4bc5d0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2735
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
location
https://mug.criteo.com/sid?cpp=0l-Sx3x0OEQzc1M3ZStmYUpFOEl0SklmUkdwUVA0N0Y5TVdkaVlkcEJFQUhZRVRLUFdpclZyaGZCdVBGWDFLdGQ4S3dGVk5pbXZVeWlzR1JHQndTVG9JM2ZrUSt3UkdLRXJHS0tQaFBJSW9BcFlObzFpT1BMY0drekpHOUpjZjhhU1lVbVRmbitCMDcvUEhSSUM4VEovVGNnTithYVlmZWZZb1pjSnJONU5UOFROZFhOUUl1czgydlpHMTI3QnJ4MUZSbmtoWW5XMXlVZlp2bGVTVThYRHdtUEZJSUcveng3bTZvVWxhT3hMNXNuVHI4LzdwMHh6TTFKMjN2U3lJd1JNNElafA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1456
content-length
509
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 3222 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-127.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 02:14:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
26438
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
iJQZq0Ojt9oPf1GQ6SUTfVSqRXD_FVL4DCzoNMaJn0BpJgJgzcN2PQ==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=7O7MSF8zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29JUURUVDBxbTlNcmFVNE1yV1hub3VuVEpJaFVoYVhReDNPN0NMMnRRQk1xQjN4ZXFhVzc2a3I4JTJGdEdjcVZMTkVGVjJjQW00ZG0zR3IxbkQxVFZCZGxOSklneExLMFdvT0dLMVZQSW56ZFlx&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Apr 2022 09:35:14 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1274
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 5E3B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=7O7MSF8zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29JUURUVDBxbTlNcmFVNE1yV1h...
  • https://mug.criteo.com/sid?cpp=ES0Bc3xUTWM3RWIwT0NTb1NYUHIvR2FSanMvZzVkN1FwTGhMWkpjM1o0WXhhMjllTzNoOVBSNWt5RjZVck9MQ3VuM3craUZrdkV0Zm94alR4aFFVMDNDM29kK2YvcnJmQ3dxTUtSOHdtTkdaRFdRMWlrTVVSdnlpMlppcT...
360 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ES0Bc3xUTWM3RWIwT0NTb1NYUHIvR2FSanMvZzVkN1FwTGhMWkpjM1o0WXhhMjllTzNoOVBSNWt5RjZVck9MQ3VuM3craUZrdkV0Zm94alR4aFFVMDNDM29kK2YvcnJmQ3dxTUtSOHdtTkdaRFdRMWlrTVVSdnlpMlppcTNxUk9WUGV2K05IbmNPTkV0dUNjRmI3bTh5MFV3NnFwZHJ1ZkVBZG5aRHNuRk1KTG5QeURPRjJXQjR1cW1hd2pJd0IxRUFKU0R5V2pSSGdwZlY2Y1JUcWlzT3J6T2dHam1WWWhrbWkxUmMzTzBKd25uUWFaejFTSVM1dWwyNDd0NlIyYUJnbkNqfA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
000435bad3dc341068418388d59f80a704c6db6f271421e9aeb9c5689ce4f2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2801
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
location
https://mug.criteo.com/sid?cpp=ES0Bc3xUTWM3RWIwT0NTb1NYUHIvR2FSanMvZzVkN1FwTGhMWkpjM1o0WXhhMjllTzNoOVBSNWt5RjZVck9MQ3VuM3craUZrdkV0Zm94alR4aFFVMDNDM29kK2YvcnJmQ3dxTUtSOHdtTkdaRFdRMWlrTVVSdnlpMlppcTNxUk9WUGV2K05IbmNPTkV0dUNjRmI3bTh5MFV3NnFwZHJ1ZkVBZG5aRHNuRk1KTG5QeURPRjJXQjR1cW1hd2pJd0IxRUFKU0R5V2pSSGdwZlY2Y1JUcWlzT3J6T2dHam1WWWhrbWkxUmMzTzBKd25uUWFaejFTSVM1dWwyNDd0NlIyYUJnbkNqfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1688
content-length
509
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 5E3B 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-127.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 02:14:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
26438
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
uJMmKB83d7KGBAuGioZ5Fb3IOWiSe09wv4hYjSvYPy_SGryyZy93DQ==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/ Frame 3222 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:15 GMT
Content-Encoding
gzip
Age
454
X-Cache
HIT
Connection
keep-alive
Content-Length
62095
x-amz-id-2
Q1FwX3P+hehSVQ9dDk70PkvYp+yVV0IYn7DIpcgPYlb2DVZzOliMPX/ECV+/ARXMlyTJH8JkWdg=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Tue, 26 Apr 2022 13:52:54 GMT
Server
AmazonS3
X-Timer
S1651224916.898754,VS0,VE0
ETag
"50304451ea6cf0b5d1ffef391681a6b2"
x-amz-request-id
4XG7YQKXX066V7P6
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
475
config
c.amazon-adsystem.com/cdn/prod/ Frame A601 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:28:53 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
age
18381
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
1945
x-amz-cf-id
eDItFgpjM1hLNVUYtBpEmDtMS2RA9JHPBQcqkbQZpphFnYCuhsY0Mw==
bid
c.amazon-adsystem.com/e/dtb/ Frame A601 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=HmA7LzC7MBenL&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%7D%5D&cfgv=1&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
NJ5T2Z7BWA6K67K1Y6NJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
mb103sR2jgaYTPCc1eYQOyoBWJrnyaBFCITalqoqEYuoWeckjEhc1w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A601 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
28370
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 01:42:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
G43VdUJJjqcmAX97Zrbeyf1DXEFq8fTmdVgIEL8LaPkIhkLXczRYIg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 1B9C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:28:53 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
age
18381
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
1945
x-amz-cf-id
DFbXJ_AjB1RSu8KY3N_OvtkryHoVHsVKHNhc3gFh_fyT3QoHcDm_iw==
bid
c.amazon-adsystem.com/e/dtb/ Frame 1B9C 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=bn3bWwP8XpuZV&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_3%22%7D%5D&cfgv=1&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:15 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
2X1J53RPPFFR7N0CXAS7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
wEaALhJ8tmqtW8NwWgRzNzNVK3H_-Ggv73iNfA3faWb4TDaWHIritw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1B9C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
28370
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 01:42:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
5WZHzqYE3G1Xzu4zHXR8Gy4gGoxNEOHPm-emxGJr0fM0ISaJCMyykw==
truncated
/ Frame 37C0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d4a8b3f073b714f473f11682687745c8bede6e0cccc2b027fe5693e7d213422

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
ats.js
ats.rlcdn.com/ Frame A601 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17702
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
6pLFtSOEcvRrwTeAF-p-6fTH7N1YMnDLxSsDdc-ECrcQkjo2wRJ0gg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame A601 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Fri, 29 Apr 2022 09:50:16 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame A601 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d240fae19e970dbdc7adca2b14dde7f8765f2242ce7d03fc22e139dca38dabb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:16 GMT
Content-Encoding
gzip
Age
2328
X-Cache
HIT
Connection
keep-alive
Content-Length
13226
x-amz-id-2
HeLY/XswPCj7/kqEz4Gw3jvyJLVsR7ZyxXku2wbCEblOhUSu9WBVWwB2F15UUq04JrN+87lMPX0=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Fri, 29 Apr 2022 06:28:23 GMT
Server
AmazonS3
X-Timer
S1651224916.039196,VS0,VE0
ETag
"21c1c055a96b89bbc576d4042e188eba"
x-amz-request-id
PPT2RRM0C07FK6Z0
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
110
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame A601 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:18:55 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
330040040
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1801 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
99046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ats.js
ats.rlcdn.com/ Frame 1B9C 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17702
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
iQ1D69J95P74p-s_O8DOkGraowi3twu4E_sClSwwBrxehIFu0kh77w==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 1B9C 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Fri, 29 Apr 2022 09:50:16 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 1B9C 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d240fae19e970dbdc7adca2b14dde7f8765f2242ce7d03fc22e139dca38dabb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:16 GMT
Content-Encoding
gzip
Age
2328
X-Cache
HIT
Connection
keep-alive
Content-Length
13226
x-amz-id-2
HeLY/XswPCj7/kqEz4Gw3jvyJLVsR7ZyxXku2wbCEblOhUSu9WBVWwB2F15UUq04JrN+87lMPX0=
X-Served-By
cache-lcy19264-LCY
Last-Modified
Fri, 29 Apr 2022 06:28:23 GMT
Server
AmazonS3
X-Timer
S1651224916.046963,VS0,VE0
ETag
"21c1c055a96b89bbc576d4042e188eba"
x-amz-request-id
PPT2RRM0C07FK6Z0
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
83
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 1B9C 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:18:55 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
330040040
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0l-Sx3x0OEQzc1M3ZStmYUpFOEl0SklmUkdwUVA0N0Y5TVdkaVlkcEJFQUhZRVRLUFdpclZyaGZCdVBGWDFLdGQ4S3dGVk5pbXZVeWlzR1JHQndTVG9JM2ZrUSt3UkdLRXJHS0tQaFBJSW9BcFlObzFpT1BMY0drekpHOUpjZjhhU1lVbVRmbitCMDcvUEhSSUM4VEovVGNnTithYVlmZWZZb1pjSnJONU5UOFROZFhOUUl1czgydlpHMTI3QnJ4MUZSbmtoWW5XMXlVZlp2bGVTVThYRHdtUEZJSUcveng3bTZvVWxhT3hMNXNuVHI4LzdwMHh6TTFKMjN2U3lJd1JNNElafA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Apr 2022 09:35:15 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
848
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ES0Bc3xUTWM3RWIwT0NTb1NYUHIvR2FSanMvZzVkN1FwTGhMWkpjM1o0WXhhMjllTzNoOVBSNWt5RjZVck9MQ3VuM3craUZrdkV0Zm94alR4aFFVMDNDM29kK2YvcnJmQ3dxTUtSOHdtTkdaRFdRMWlrTVVSdnlpMlppcTNxUk9WUGV2K05IbmNPTkV0dUNjRmI3bTh5MFV3NnFwZHJ1ZkVBZG5aRHNuRk1KTG5QeURPRjJXQjR1cW1hd2pJd0IxRUFKU0R5V2pSSGdwZlY2Y1JUcWlzT3J6T2dHam1WWWhrbWkxUmMzTzBKd25uUWFaejFTSVM1dWwyNDd0NlIyYUJnbkNqfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Apr 2022 09:35:15 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
940
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7149 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
99046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5E3B 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2dc47a73f81502d1fa622236090b445485f3a153e20e3f358af11932c3bbcd62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28748
x-xss-protection
0
server
sffe
etag
"1199 / 727 of 1000 / last-modified: 1651183562"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Apr 2022 09:35:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3222 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
df49b35ed9a124e990a699f6b0a2cc11060d5f7fd25c6f54babf2812f51d1c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28748
x-xss-protection
0
server
sffe
etag
"1199 / 597 of 1000 / last-modified: 1651183671"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Apr 2022 09:35:16 GMT
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 7FDE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 09:33:35 GMT
dpixel
cms.quantserve.com/ Frame F949 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAuZjO45wni3XHNGpSTPjm4&google_cver=1&google_push=AYg5qPIKd153u-ebwYkSwkCjsfts1Ozc0FmLKSB_IkefOjxbAHTkt8EuDaOoglAPqcuR4M38GGbHcmgC-GhInzFMip1V2NHh66X0
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame F949 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEI9TX2ylM3lz1wMA6h1QDec&google_cver=1&google_push=AYg5qPJoguliB2Su321RI0CCqnmA-Bm2hi3_TkSe9h4I49Gc9RG0unMVAIXgxQUaV8ez7sQoI8_MKdoMxAqmtu0LWV9TaWGePU7C
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame F949
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECF3ipNEgl0r4pySGm5UTEI&google_cver=1&google_push=AYg5qPITeG_LZtjO4eXfXuIidXx3c5FzdXNk8MXvxyxAUaxjI_W5fDtUII0e6t4DNJgw8x7Rq3KcHl_GIFVu4QaBVEI8cD0kEqNh
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FC55686B2FF4B83A59903DAAD9C4A27&google_push=AYg5qPITeG_LZtjO4eXfXuIidXx3c5FzdXNk8MXvxyxAUaxjI_W5fDtUII0e6t4DNJgw8x7Rq3KcHl_GIFVu4Qa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FC55686B2FF4B83A59903DAAD9C4A27&google_push=AYg5qPITeG_LZtjO4eXfXuIidXx3c5FzdXNk8MXvxyxAUaxjI_W5fDtUII0e6t4DNJgw8x7Rq3KcHl_GIFVu4QaBVEI8cD0kEqNh
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7FC55686B2FF4B83A59903DAAD9C4A27&google_push=AYg5qPITeG_LZtjO4eXfXuIidXx3c5FzdXNk8MXvxyxAUaxjI_W5fDtUII0e6t4DNJgw8x7Rq3KcHl_GIFVu4QaBVEI8cD0kEqNh
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 28 Apr 2022 09:35:16 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F949 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBps2eMwgHS0ijeJP0Ry7kE&google_cver=1&google_push=AYg5qPLL2o5s3PAUivq0D8NfEjgza0D2S_bseKjzLaDGEIjfZdZzvdrC936T7YsJi1CPolPNfzeXO54CClyXdaPXFcx6ZwgmjGw
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame F949
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGAMVZLCpqS6NGW7ZrUPKos&google_cver=1&google_push=AYg5qPIADzzYLWcXaOjyfsOT8bLPAkUMWnE83vE6w7HlLqJfvBQ0MCZbnkS1eJT96ImEBBgFOGnJwCtS9Ne...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIADzzYLWcXaOjyfsOT8bLPAkUMWnE83vE6w7HlLqJfvBQ0MCZbnkS1eJT96ImEBBgFOGnJwCtS9NewszuxJUsZRt0IkKav&google_hm=Ud6iYvleRo63xcGUm9Tjj2Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIADzzYLWcXaOjyfsOT8bLPAkUMWnE83vE6w7HlLqJfvBQ0MCZbnkS1eJT96ImEBBgFOGnJwCtS9NewszuxJUsZRt0IkKav&google_hm=Ud6iYvleRo63xcGUm9Tjj2Y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:15 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIADzzYLWcXaOjyfsOT8bLPAkUMWnE83vE6w7HlLqJfvBQ0MCZbnkS1eJT96ImEBBgFOGnJwCtS9NewszuxJUsZRt0IkKav&google_hm=Ud6iYvleRo63xcGUm9Tjj2Y
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F949
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHJzhA9XuDYreBNUGpxnhGo&google_cver=1&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fjNz...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHJzhA9XuDYreBNUGpxnhGo&google_cver=1&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMxMDkzOTk3MDI4OTAxNjUzMg&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMxMDkzOTk3MDI4OTAxNjUzMg&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fjNzg7EsZzLjPoApsw9XdU0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMxMDkzOTk3MDI4OTAxNjUzMg&google_push=AYg5qPJt92I9BEg6wJw3KWEglaHT0NFjPzKJYZ3ZgG2l78vpXeoxmd0nFt4O2AkxcUsjcPJbMxf_fjNzg7EsZzLjPoApsw9XdU0
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F949
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELoDIXSFRg29Akl9KBF2VCA&google_cver=1&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a_yadr5...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELoDIXSFRg29Akl9KBF2VCA&google_cver=1&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1ofP53E0RuWZ2Jvq5k0kHw&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1ofP53E0RuWZ2Jvq5k0kHw&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a_yadr5uUHnc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1ofP53E0RuWZ2Jvq5k0kHw&google_push=AYg5qPJxZqG76Niy-axb7DhcqLXLyL2kH21SNyqFWnoid20q4fqfgbM1Q4eLglFYeAcPYleGYNHyllJfctVN-M2a_yadr5uUHnc
date
Fri, 29 Apr 2022 09:35:16 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame F949 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkTOAjTkm4xdhtwMRpS-nhU9okBN1zgwFESJ2Xnwu_bXLMXHGHSGu9VOwHXXROIfeSJViv
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/ Frame A601 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:16 GMT
Content-Encoding
gzip
Age
454
X-Cache
HIT
Connection
keep-alive
Content-Length
62095
x-amz-id-2
Q1FwX3P+hehSVQ9dDk70PkvYp+yVV0IYn7DIpcgPYlb2DVZzOliMPX/ECV+/ARXMlyTJH8JkWdg=
X-Served-By
cache-lcy19264-LCY
Last-Modified
Tue, 26 Apr 2022 13:52:54 GMT
Server
AmazonS3
X-Timer
S1651224916.257980,VS0,VE0
ETag
"50304451ea6cf0b5d1ffef391681a6b2"
x-amz-request-id
4XG7YQKXX066V7P6
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
470
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/ Frame 1B9C 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:16 GMT
Content-Encoding
gzip
Age
455
X-Cache
HIT
Connection
keep-alive
Content-Length
62095
x-amz-id-2
Q1FwX3P+hehSVQ9dDk70PkvYp+yVV0IYn7DIpcgPYlb2DVZzOliMPX/ECV+/ARXMlyTJH8JkWdg=
X-Served-By
cache-lcy19249-LCY
Last-Modified
Tue, 26 Apr 2022 13:52:54 GMT
Server
AmazonS3
X-Timer
S1651224916.262399,VS0,VE0
ETag
"50304451ea6cf0b5d1ffef391681a6b2"
x-amz-request-id
4XG7YQKXX066V7P6
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
476
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 1801 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 7149 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
pubads_impl_2022042501.js
securepubads.g.doubleclick.net/gpt/ Frame 5E3B 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126856
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 08:44:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Apr 2023 09:33:32 GMT
pubads_impl_2022042701.js
securepubads.g.doubleclick.net/gpt/ Frame 3222 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
82d512d9de66d372be99b9169ce37787faaf6253487f07527aef39ce9651f11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127773
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 08:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Apr 2023 07:33:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5E3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5osmMzsAbTablp5l64iJSIST0QNWUyv2JwazAbrIe67cMEHY2d_EFESHu2DuyQj6kSqiQfZf-3m2RvEE0EiGNcy9bmsmG8ji_eDr8ovLlRjdHVF8K1p4slhIFxXEx_eyzk-m4ztxgOwx5MEX8F_eI8esI9ahaM8oKPBcquC8NOsRLouhwyKLpB4zqc7IK6701FUF9XXUKOuPET93U-4VNLx1BsBtLApDB35uw0AI50ANVtzflFSY0DmqJzf1SlYOs7BXw_sJ_8lqI9_GNpDWbE9qchWQontiv2dP9a3P2ezPDTK4YJM6SDHvFHnx--uJRHxR2-985KA&sai=AMfl-YSvFYavnU_DUuxAyYqNnnhKCL_o6ZgzNpTMhHsZRnccF6AGQRiGNJOOsAl4-TthqiOjp5KpK4x-245HeJorMlNSUfpZokRLRs7NrYQ1b2GjD78pTlFnC4xAp0VjErQ&sig=Cg0ArKJSzIBqF-XaLsijEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:16 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 5E3B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5E3B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5E3B 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=54914158931145&correlator=462566495988789&eid=31067293&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=128770239&didk=570410212&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=h%3D9%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3D4b5d03e2bdf1bf4a-2279421087cd009e%3AT%3D1651224910%3AS%3DALNI_MaelgM5ar-xhWI8jai4nb7uuwmIFg&cdm=www.staradvertiser.com&abxe=1&dt=1651224916547&lmt=1651224916&dlt=1651224911821&idt=4651&biw=1600&bih=1200&isw=728&ish=90&adxs=436&adys=10999&ucis=3xys32xzztdf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1497013893.1651224909&ga_sid=1651224917&ga_hid=389464454&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8de5c161a42b795271aef4c46b0a9ac74a16aba86ad278f7c06fbf62f8a90515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9130
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E3B 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05109c2176e4f67c3febe45e2803616227300b0e6d6499547a10970d59e85365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10565
x-xss-protection
0
container.html
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 558A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Sat, 29 Apr 2023 09:35:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 65A2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfg827xGpzyBDuYLSkQiVHzFu8myYS5rMYFTyTkzkCdrUNbqmPaLsWRSpg9QHw5Q6eECReoW72mf7Yf7B09FBCiw&sig=Cg0ArKJSzG9ojElMXsJMEAE&id=lidar2&mcvt=1060&p=1020,1161,1110,1381&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4116631529&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651224914261&rpt=1168&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3222 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwcop72fXTmawkQA5lvG2KIU4ve2gE-m-dMK6zEt4xgOLlISBPij2LhglDc5aZI5WWO8WBQAs3XV_jxD2D_2NOx4tmqi9E7EBheopvB2Yg6tnK775c7mXmC2fFAjtVuFMUVzH8A7395kYk0VAVpUZZERtcs0CJEK_4BkkrR2R5DVYb6JmRgN89LKr09MUh_SqW8QqPh-QI5UCwLEM5SA_-HxLnugvIpZuW6SYHczJ5H4sDqqq0UGG4WD6Nx-gjHXXPQLe0ok5guRvvof5IAZ42ows-UMwAK6UcYs2B-EEyC516fnKETMVp9yBhJi6mRqfMaHasLpm1&sai=AMfl-YS0LhZM0FX6C7gbWcDuLHiul8GY73RUCZAWzC2f6CaZ4LtxOLuOUr89N1Nq72EC_hv07wewbzoXT-XUf5KJMlPaaIWnwASlglLt-R4oLS9ctWA9nUC9I44THBf7bGA&sig=Cg0ArKJSzD9X4rNITjmbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:16 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 3222 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3222 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3222 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=685003444754438&correlator=2109773541852562&eid=31064835%2C31065713%2C31067280%2C31067332%2C31065659&output=ldjh&gdfp_req=1&vrg=2022042701&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2933112504&didk=570410213&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=h%3D9%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3D4b5d03e2bdf1bf4a-2279421087cd009e%3AT%3D1651224910%3AS%3DALNI_MaelgM5ar-xhWI8jai4nb7uuwmIFg&cdm=www.staradvertiser.com&abxe=1&dt=1651224916589&lmt=1651224916&dlt=1651224912015&idt=4498&biw=1600&bih=1200&isw=300&ish=250&adxs=1161&adys=8113&ucis=czx48tqcmg9d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1497013893.1651224909&ga_sid=1651224917&ga_hid=1408996569&ga_fc=true&btvi=1&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
69ec8726d2d34395ea2105c6fd253ac6884efb8b95578bf4ad3ed75aeb4767ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9417
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3222 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ec2946a760ad11af1762d0c7734e0cbe8dd55b227caa3fa1fed0583863580dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10564
x-xss-protection
0
container.html
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 092D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Sat, 29 Apr 2023 09:35:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E3B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3222 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FDE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAkEPTrFrYt7MIdP67_UPo8y_gAUAAAAAOAHgBAI&bg=!ISKlImbNAAZNIUvJbSE7ACkAdvg8Wq2-evDvHQza14hyKy7QH2jlvfG824FEqpMpmHXgHQXLvuit1gIAAAF2UgAAAAJoAQeZAyD7Am8gcRlaqUR5mxh4oPLedXyuP8ZCKn5CKwEKa6FdCmVnRb9VtsQi77U0oyPcd_N-hRmyOqdpv4uexRJRQ0RPDmvipi4zEt-ZgwYx8nWGgpy0XXvs9BoWP7iJAhQSJU15pC5VTwZfspLUcyJcJ3EC_vw--1VMVDIqOkXyI0dOb3mt2xrtUc3n4Yr6rQI0VKwUl7R8h_VOdxdiJfUI5Rl2H3Ex9wwImWcBBFFon_LzDc9g-zvhFNQPK-J-LLzYAGfjA2HzHgodyEJjxOZ3VP-YpEbaKo_lKI8Cwc5jZacnny5IlpFonG2QyzzsTSue9Ww-JSxiaZXqPfb3JlVBzHUMHScmGNUvZuSYvABa4dwa7zf7efqo7LooZUmjJtV2DHhzvbqIYzQjf-TZj4emW0Bg9krl0wmvXRDI_P5_po8d3Eafjl1gGEDHLES8OigostoKM2dVD1y50wreGfjdVN7QnNuXY87R7S-VfO5dajdABT2Z3Cb3i5ccajquOaVk2YTzJYiHD6venzh7ZzkYLjiyGoyrIv2LV9lstDxFAjeV4zVewmxcuKO2d9xERMHDgbH_Is9_ifgkkwAS3fgoFZ22ypAsNjl8zBSKErP0RPka5pdNoCraYM7bxe8VgPGYEuRaPHzvRgftiH7Kh5Yk4a2OZk066qimxsUDAcoby2dc67BKO5w9p30bR1UsDa7y3Rm8kaMQoFUg1WCJ7G6uyyQHjNgJlaPi94mGlB7Cm5L6wN6hiON6tPOhnFpGlBFFzGcqlgXPGXkWLYKROMsXgR_wCdYLgSnL4ntGTC1r-G3iaXoFcUolhFxheR-_uwWwseARSwXtTqYVU8AAkxPM8LHJpzUFqblhPH8CaYVCozlVjlHzq0sO9Vf0mmgN3TZhsOp22W93VBfJRh2jiJ1NiRm6ZQ0C7viXmlHV530yn1EhHV-HVpCVfH9rWJD_xV-TfnG-NoX27pkgY7jmd3mnWfYSqtTH99JAYwjzQz5moKAN5EHcd06gwJ5_LpgLxep2E7qR2u7OIgqvoYNNdoobNDo6pabqh_TEH9FZXw7Q_IeF-Q
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042601&st=env
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36380d5d2236d8da0d105b6de1bf9c6098fc832c12b62a2d88158560b17575bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10583
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2FE2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CogMzTrFrYtPMIdP67_UPo8y_gAXh4OHqafnV7uTrD4OmstHrARABILmOkB9gu4aAgNAKoAGr68jFA8gBCakCorsHpF_4tD7gAgCoAwGqBJYCT9CcpLcnKjIC26s4VLzr547vMOZnba84-IvI4wCZco5R-KJizgVbOyFtO2Mf8pIgJ9Lz0MfxV1IwcZb5OVJrLmoma_pxyJjgLES6EijqTPVpV_1b9KQrLYR16ozmaZTUfYd0Cmd0AgciIGxWax9V1VljwbHUwI0GxUvkMffE2NFycFZB1Ly7KbciGyUwlnAzSL5QDaG_mG_-8irj1G6OUWgme4rqy_AxaLNn8cwBYWkbYDn6H05ShYDYaJWIwmdw4wBhyt8dGUJ_0UUwTbbORloq3_o6XYQyvFxOYZrHnEH17lJtkVs9LwdkpdLs3MF9O8LYx2a6l7xzSJIehG5kXn-hP5oaClOgQmQ99UpuIftnR9IqHWLABK3w7pLuA-AEAaAGLoAHguuzMKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN31BdIICQiI4YBwEAEYHYAKA8gLAZgM4aquqYMEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=XPJXodnmPrQ&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 2FE2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueju04Uf81N8kD7nWjE72GjPgnL831yCMBDFd52IXU0nAYYOoeKOvQsY1JLKW2qRgFufhti3-qoaNauf_IS95P2E67DwOybAabE9pexHBKFm6mKjiXIP6ALEE5&sai=AMfl-YQ7-cPa7iM2LnkaCREZET9E6-d_OC09TD3h3yail2r7HXn_uwm3sLZB_51Ey5fb5pnZ0UCWPKMsdMXgOeQNus6QqOYqH84iDeNx27bJsMglcXEROQQuEl-M_52XmEo&sig=Cg0ArKJSzCLiEZeD6k7mEAE&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&id=lidar2&mcvt=1022&p=78,140,178,440&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=415600777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1651224911800&rpt=3929&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 01DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZisHTrFrYtHMIdP67_UPo8y_gAXh4OHqafnV7uTrD4OmstHrARABILmOkB9gu4aAgNAKoAGr68jFA8gBCakCorsHpF_4tD7gAgCoAwGqBJMCT9BI_YevD73-wzvgKSQeBCwys_j1dogFGAC7mJgldMVvbcP5meksQsKq2X76v1JC3I5KKNPMDtMvMBxA62E_KnoLeSj-L0DmLkQDadT1bn-QF32kFYSWf7w5EKW2eYg-aqsudlQW5tXNPwiA_mLzeA_gXJpe1HzZBvi8w7vaDurXMoHDgttXyDCnbWAgm69ywuVWtsZZ5emOBhSiDo-ifHo0AexuuDugVm3Cle4etEVsdehJuSNMYiu0nU51BKbxkciwlaxD6ZOGRWl-82pdtIbTOYpyCGWghz1S80Nz4aOqi_KrlivhCZRk8QtxcBgmnlbq0fjpX3drF0Fr7ZwnZaeZArnlaKf_gTee7ZkiGmINnszABK3w7pLuA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeC67MwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQx6EF0ggJCIjhgHAQARgdgAoDyAsBmAzhqq6pgwS4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=DkeJh6kTfvY&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 01DB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPFQfot1unXPzQlFaTieCHtr9byk1NAK8MiWUhuHD68Uworxm97IZwahNoSQ947OijxfOw0JkSHP_-cOiEXSQklyJhmQ3XrCK2qryWSkTEaUlvcQAJMzJURnMrSSLIuHO1ZtBQKBy4tWLlYry_uAmMS2sVyxyImjmE26g8&sai=AMfl-YQbggWgBTJPmvCq2RxTamFaNiKvW5tB0BkOMKzuF6dlrCooQtNwHGZvSjspk1JullMKbquFcFKdddRVHNivgznS1NZg5xMBKw0tYP-MR-Pzsl2QW06pBChsrEaKIlA&sig=Cg0ArKJSzEEeU1cz_kJ4EAE&cid=CAQSPgCNIrLMEQLx3LFlfW_AXqsqn_ycInnHVvm7b0zePJgjFlMCEiNyGX37WGesdrQB35DVorOOsIzvk9BywhkIGAE&id=lidar2&mcvt=1023&p=78,1159,178,1459&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=323572193&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1651224911718&rpt=3991&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9851 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:34:33 GMT
expires
Sat, 29 Apr 2023 09:34:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EAD8 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60c3a58af679c4bc4b4997ebd21bdd8c10673d4969e8776f44b0d9e93b0c283f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d/4ndYos4InQ7+9NJj+TuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-d/4ndYos4InQ7+9NJj+TuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Fri, 29 Apr 2022 09:35:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all
csm.eu.criteo.net/ Frame 4E94 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fRC3RiCe63pgJS8mzm0cqsyVMG350J6XqNz1lEJXg2CQmval4AZtkekCz_MmvEchMTA9aKT2_VZK2uvyqJyLRrgu5wmtlS5qLDJ6bCR51KV_lui8ma5jYqdjvB_kiCYPFtuUOuaZblaGnEHuUeovTZp9s-TSF_yqYMYvJjV_D1-OKtVdamQHtoR4MvpxxBBX6lIzcFfQdDVsXChl4ZVkij9C3TTWCJn9SFz6B7lgKmCw7u8fmPL9UyfRBR9j5Msu37KhyyHVsyg6WG6r&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:16 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1801 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_IdvUbFrYq2PMbKDlQf52a-wCQAAAAA4AeAEAg&bg=!YWKlYibNAAZNIUvJbSE7ACkAdvg8Wk5Qi54-NbnBJDHvq8-N98Dguummi4j0rD_AoM7HaaZi1F6XzwIAAAFPUgAAAANoAQeZAyNfmfHAdlkDGzFds7hCY6AYsYcQNoQiG2rRhdGbbwPR9iadXyOo-65aoAUtteo3T-S4ZXxDIQn4ejkMAOnlTDi609NO667jzMP6tHC9l_4xPQQZDYH2wTm0bhGYzOtuBwumteM-DJ6Knb_289nFlN5POBv7dZFhUA9LhjtWYQAJOjwz5LiZDZ4e2c81gYPpaSysJOhQ5L3MRAKoWxyVDUFJAm3dpcz7xJnQwSrj_lyle2KbHXoxeWePhYsGIExa3WiMsxrzVD4mN7yKXKz3av0fBChnNqZddOK_MmNmdEVQDvuEB3ztr4HWD0KsT08aJSl-Hlenf_AHYmgbSTmIqEb4h96uyeQDoQ8IRlIR_JcfW-bbn8HdyhFkmnIxOBxuHyYQgo-QM2w6dAL46rQoCfrzi8QyO7eJQferZ7-1WCCGcUjWTMpErEDdwewDY8hKSUlZM5uciD6sQ9Vl35MmSTmpb5OYrYPu1W2zJD3NJE71JjDraR9rs0SSH1CFs7UldiCleqstd6LZCTzOP0T27idbtjErM5lE4o5NENpf8c7Iqnro23ohKVRPjcaCygCVwhkQs5-2HIDI-Bf4x-ZccNGSnnDJkGorB1k8pIKWkne5OhycGZVEEnXwtko9OXX5z4ce9P_TxD6cNYOA4NIWLXzlBzo_ReYGtUATOGABD18l2f5ll_Ga1NYk2u7pLLlxSqH1xaOyoKcU_-gzoS7NoveXyE6kI4qS5ROfxlDKO6o2evIx3JUtajbXRJFsaGgZMzqxVk14tDCxU62HXlN7lSnlatJGrJ-C8lAVuxHaPDrqOyEz-FDaOAvZ5RMq88bT3CA6Tv93jHcEqcdfTcJTGp8IoTBdSoV0fVMs3u11ALv1X3vAAyIP-O_-QXtuKo2vB_nMjsOJBe00pCRlQ4YQrEDcnJJaOpWrjQCNz4vtzLpIgZ5GoP5alvyIU5VyhMyHHqaG0GHQcXR8Rec8dSqBJQLQ1nYiuTSvTAkgHG6iNbnAYYnrInfZHzjn0RawGqkS-eyZxBYORrlr56LMgQ0VWYqvi_fmElfK0nQ4l71fvF0OZKwg2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD6E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:34:33 GMT
expires
Sat, 29 Apr 2023 09:34:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 950C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f9d65febebe313988dfbe57683d9e72e634e9a2a94c2dc1a978895e66b40a25
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Iltp4i6pzIv2RAn/6OK46A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Iltp4i6pzIv2RAn/6OK46A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Fri, 29 Apr 2022 09:35:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7149 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJMfBUrFrYq6nGI2Q7_UP1uef8AUAAAAAOAHgBAI&bg=!NDelN3PNAAZNIUvJbSE7ACkAdvg8Wj82t2EirdwiW5ULG8YkTDiKw7dHaaPJqyzLC_ucQJ4lYv9vCgIAAAFsUgAAAAJoAQeZAzOSIVOFiFeeVqtk4C5kgj-bqrzMM9sZJNI3LJ_aVCm9lCcvB4Vo6LHB6fKRG1sQsBW2D7H5EQ4OD0JX2plci5KYZcJuqyb5Qs1sH15I2mUX72JPItOXLcZKqYiid_sZGyXpA-R9-lXYfP2FgO04NrONJrNu2y4itP6_O2hRy7N68cECBsdwvzTSP9qubeWQmudGcX2MZ0VCbepYo8qxSv4gHjuzo7d__oe8HiXvWIbmdCxbifBP77rDwDApkj8WlsBmXQQ1WjAGDuS2lTaB_hwE3Z81Y-wvVWCOTHI5arqGnzurKTztsV5SV2ZPQWYEMw04yJHCAm3o-2IXwJnjcENJZzPJ8uT1gogud_joWarn1j_vMiJMmdANKvAIGE-cVvHuFWHcANkfK0tzBaUAu6tHgvQkV74Se1jnE_xUXsRMCHQDBD8ELQZNnBfC3aiGAMJFkXLG80aazVpB-FvJlabc_3py0mDZgW8_-abcTDGDZvOpie_WoE4d0G0SR4hgf_5XmGDIv8MIR3rGezVMGSXFEDoVnOrteDEodRp123QzS_v2Poz4lXc4FqO1S-DF4I9wia4C41EIYCgzEPY-JaxCflglOXhKy8-KsUQjKJWLvFwd4gN-92Udp8eeeOa5Tb88UdRiorPQHtxYA6VuA3o08XEsIm1eL0yk_jVD6_hTWmARnQsGMu5vKncSHwjTbRBjYaT_a504sRzPudtRn-K1KIK3DdQCShBkvJoe2DTN0Hoe-pQ3u6yPx8Mhz9j4EP-uDB5KJ6zrwyn1nDKZh96YvFJqtIqNKWKeJgUEVysDZ6iMTXCbu0ySgOX0but48G_Dd_Te20YJe1uJ7-P11A_9aqKlc1nyjQCIoey5he3DlaYEc2d8MKR2zWf_cNvNWsHQOCdSVwyJdMa9KxLSw6odR6bxUtJ0U3mBRFnJSl14zWpoag9ZBikT5KYQf4OdjM3Pz3VyjxMpKOg_tUxBFlrLf2QEic90s7kd49fL-cq4wOy8XajbLy6vLKXxLQLjkGs3BzRQ9lTLC7NJEnPKuEimebSr1KUr4vBMZVDgJoGF-fHK-9iGumoYAlFKHqIDkHgC5DM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2564 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
X-YouTube-Client-Version
1.20220427.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtRalRkMmVyRXBxcyjM4q6TBg%3D%3D
X-YouTube-Ad-Signals
dt=1651224909368&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C299%2C168&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 29 Apr 2022 09:35:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:16 GMT
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 9851 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
container.html
13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2EBE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Sat, 29 Apr 2023 09:35:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame EAD8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042501&jk=54914158931145&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
container.html
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 609D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202204260952/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Sat, 29 Apr 2023 09:35:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 950C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042701&jk=685003444754438&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame BD6E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C29 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:34:33 GMT
expires
Sat, 29 Apr 2023 09:34:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0774 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9ac30248f2a7d972d96606c7a20268df67aff52cf329ed4ec8ba6ff9ba2c2ab5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qSbobvWpa+28gGohqIa5KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qSbobvWpa+28gGohqIa5KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:16 GMT
expires
Fri, 29 Apr 2022 09:35:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 36C9 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARic-P3EATAB&v=APEucNXKXsQ-IVZra42wTuXtRirrx4OMswOdQNGAO07cB2v6SEHMndf2qsrDHa7mHjemxSSW9s3kQ1LJGSnRMLKVQp1Lq7dhnB290aEfKy7zeiRfjWKyfvmPX-hZ_4J4dAM_RSWj84evFlqZ_hE1gGtci95-cewm3761THAXI15ay_Ac1OqFpks
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2EBE 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjZ9gorJWwARatxy9VSAVQla2H99uuob9XZkXiT1DGUz1dJtTYNVAWkNxZzJXH0cDI6Qd2LYhyx2vBZba4zl-MmnElag&cry=1&dbm_d=AKAmf-DKtWxKeEF9XvEb1MDvQN6cXFzwALGoDobeFiMyRFO2Z3fetqNZq0-ZbgIHoNS53BfHHJfUXYlyhVoxNLj3yV_SU9CqPYvV9HXtl4_2LLrhaXZ84Z-HO-GQo7v5ybyXoI8YizH3rcLhAnju8GPPFgJ9KZSM7EeLhpOgbbRJx8QrufVucLo7HO2rp4W38fyVa4ley60PW8PTUIJ6kIrWGGqg57albgD_jU8MbF-n-aXQLbPfnyKccCQt2cYcaxm6nIfNPLQSQCXV4SW64cXdpLr6JphXlGlgNR35PBLfEK6Ae3YgRUE6jP2a3uqOMl81XGJ20o29H-8QLEFQB1UTyu1gvawTpkKdGI0N9sHJlEAPPpDINKK3iuaWEUKWNqUQlSsEfBmwLlWy4awWSWrjl-uX0TbTA_YdvOUwJy-k6zlo8F6DAfNwuB-CpYjxJuNKZ2RpepzGmr6Z9pt0TC5sCrb3uLcKQLQjGEsi7WF1jbJj8Jt_KAWvIv29oU5UUg7cA-jBjHxPGvRMlerjJWFbDXwgQAhshmmSmwyt3eEPlce9ecDHMt-IfBuTDo6-AedZvPDGYBESaLkeGFpAQ2CMjrGRECUoXTtk_CDiSL5tWCQDcZ0iBWgeHy5Pksb_AhY5x60sQjsBvexlVsHTpVCioXv1af4qktxEIw-L9dgnI4WYQ3w0mn3GocaFr6oXzniwwTH_W5e1XXw3HOrO7mdcPbgV5p9rEa3yjBeFYa3b-AcZMUoeyK-h-m3rtmD11BXRhGTmSDq8HvqyhXksCPo4CV2djUzIlG_V1KnN-S50X1wJ89CcPKiTA5pjlX8fGruMOeqayFzAqkQxiE1DqByTH6Vm5NDBptkXUWSQfsn-cRbtzhlQK7V5WGEQgaEvrle2bQEr5Lgd_kmMHGv6IdDNlpoymKKcNe7tKicXNZzM7xnwvG52d4c5sHpar22pYFPf1xyKvbZk8iEsSW11B939-QCsF7TAW-SueFBN27PIdeF-VRuInaZOs3mXplTo0HFyETCCDV_bCtDHEplZ9gjlufytgROzdRYHsdT6PeQo02A1JfHrHPAdccsCGapbTm4VX5Smn8V003Cg2YTdFCyp3Bx1W7JcGXAjxbCJmec8o_Yl7-MuIifPA7pWc0CssJ7f2vaikmtny32fyvdaVboSBConFq9oZGnYkVJYegi5JlVF7xDGHYoce9CgJhEJwLz_nqceW8DdVNhVnvqsBsZfPgAZ3KxMuvGzpvTSMpfRJIQMgBCryhIf-5ndfxxSl7QUNluTAsngiF4UDvSTIE-HLC1S56HHzYuuZDTvFYU8sdThKXtSmea4SjdVnVl3FP4t1F5Oa8KsCNOHaV__EEoRIi3AyaIDLUsoQMQdjGiwrsiXYO2_-LDWNDtP6tAjL4RhNkWXHvEMwRFlZwo-lZzKBAOVt1wmfrrq5Js6rsguCmzQAYlbWyQdHCM9JM2kAPsFNXSw96GbPIINsiY0js15ttEYXlXMGnTw0g7LJmG8KwWG5swnfj5W1OK8PFjFHUInyPuTHC9MB_C82FHwa4O7NPgV1TXt4_jayc_4W9au-MmyYDGeONEFZO4AUBhkSDvjodDk3yjgS8Lpm29j0f-Q_GCOjGpt4TPp3IxSekO2S-mnTyvQmTFi-mXVyrNgI7kwKqWdr5uY6pJ_f32kY8Fmg85m-6VpTuFudJyWYZj7oBBKjboPQofqSr3aPIyPV4VbovUbxZbvvW1nrLcwErcTNsooIKoddFGXzNLvCSzEjPQ9m3xqu1Z5SdVMlF4r2IA--sTTg9Kq7-4X7kodMlcyKNew5ZxNt2awZYLOO-wHPcGweaNlR4YpaaVg0Fh6AGKDvQ6VpDtnwze1ZKBoRybI1yWGEvV0y9X-EEELqbsDP5O2ALpQ00OjybBuNUAgLpLNirAQguYYWG9bCKwHb9j-vluG1kZXmAPGHv1gZeMT3t-ng0L8TQ7HOGrkQWSegDIykJRBGKfGLhdXHOeeB9xvca4Cf4mNBlQiyJ1M9z1iz3W-N9j3AjDuradp5lHoU3kd7k8hs4bvQMedqtUKTIAKVc9uhQKtMjcz2sxZmrFYLYD24I5DVw_qq1IHQlmkEqsPZveYBleBmseaDrMutOodyQLYmsNvWaCyllN0fgCMb1xsaL27PbLE340uZB6tcO878i0GG-EDqIsQbxXcAwlt3jaierT_X-2s9FXDGpqYp7j4Vr3BAht_YAN3rzhvS-fihI8YhHSVwtAtUJKt8N5Shps-bBfa9OIGzVXFxxmLL88FjpXcx9b7m-LFPONoV0Bj0eQqPGr-3_aZDyEY-EDVjUWJAEUyS9xLqBxy3RMBIBK3rDxPg60V2-P24PIKx93JQaSO9_T3iFlC7EnBbnulhWMy-ACK7c0-0HUIrR114gsdp7HU-xUbdxDv6lwxOug8fJ01zXafuHYSHpdbK8lrQPqKNa9jDcTxykrD6J9zFgPXXyc5A9hhHR5fCvHMrC7tb4G2lzbXEZ2cTTQihhPKyiGYGGi8rBGZKx9hoZpktO7yU-mE3qDEsJ2b336pSHdYs159q16bxvnDJ8SqPV5lYOwUtyXheabKODg8yzWW1hUVRd0ex9aBDuy1lDcQqG28shXWGdJ2Zy4wk_0s_yDTP6m1ggu8RIajf9FAv36pgNEvi1WAp1gQExsm2o22wVZbROHovIo262hIAnfVsNIqUfq49KXjGApTxTZL2E7C61tAAUfcCSYYCU49hIgVTJvr-ZvvvRt4Zkp7jo5AueZCjjOVaR7_YwNNaOyfVdyhDBEVM3BQ62REWV3ZYsueOtqFZoOICTv2J2Sjdm0NDhiVwEeCbiIwD_RljUlJGHdN-kdJoUlQlkcbGP60TbSLa5oVOmJ-KVC9-Rf_n4OJ7ftwE1bhnZeExQf2WVd-VRQ6Or9Kc3GDIsP5FuN5q9uk0tBwTRcGNGWERnxToKB91gJNq9KCJuYtDbLA4Tw5rg8RtU17pIxMv61phT8Firv_MyqDB1fRmWLDEKRC5Rv30hzPRVvgjRI87d-alSL5yd28L3YamFaxhirUOBVVucMGQI_B612mNCjGRiU7BdF738waROyxK51luK7_CpTgyMdvnvBs7vh2PDnEnKA1mAIDy6mkGIKGMWbMgW65arz3Cdsf27BCgGqZUPItJ8_VcGz8J9XyaAcu-PNHVPtBx1ldQV5idVpkt2VIqQ7fN8ObiV_N3zZIFSYYgC3xODpOaNdu-X024UDtdSbwOA94x_PpUyz_DUf9kdzoohv8mgDfSnEgTiCOfAmgCT9rWms143czZ3H9Zayj-q5DAq1oAg9kGs2mIJF8sS3L_iAy3BueeuOtGu_HNVqgTA8FEI7tVstYNouCwm_C5K0ZKrRn_hlYMXbjqWhrLj6vDTrrCNN0Xta5pMTgcRzRjNQO0ugTxo6iaZLmRwxMg28&cid=CAASJORoZK1sixQfnOh1J6NU4CdUshbVm4PSqmBmfCtmMJuOCjU8Ug&rfl=2%2Chttps%253A%252F%252Fwww.staradvertiser.com%242%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
022bf254abddeb4a37288df2c544421e67ddfe96fcd4507b93dd481f009c6dfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33378
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EBE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Be57vtUcwUfYQ8q4NAZUUuYCJ2WdiIwigtqp_twQr94ARq0fqcefD2seRCdWhYuZ-5i3OE2saH1VzoXaXWFzQtjbFPJOboWJPkfeD7PBbbCp6mO4A
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2EBE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EBE 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2EBE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 2EBE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3VIMJ_l81Po9JunjekHMXGHqIrQGWsWGtoTV7qMGaaFuL9n0b_Hzz1ZWeAzE3cX4ITzVmLHnoWBoKV8O8VfagL9WDcQ
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 2EBE 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6NzI4eDkw&v=5&s=v31g1qapd0h&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzcyOHg5MF8xIiwieSI6MzMwNzIyLCJjbyI6MCwicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTQifX0%3D&sb=undefined&cb=1790157&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjI4OTYyMTcyNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:17 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 59E9 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiL3v25ATAB&v=APEucNWi2wcZ4m9G9Zzh25TCs1OPLw1NdYTEDGd5Wu8qTFYzgSSV6YIzjeqXaE7owx47gkqIB4zer-5z6iED8H1POP06BKA7GcKFE_xeyRJnFy1oekD8UFTHXqvKp60N6xky-UsG-yPEkP6BVGI1CzRiL3UVSHgbDQv2r00Ww91EgB3v-zNsAWo
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 609D 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHCg1UwYvZoxHxzZVT-yCXHffP3mYG5tunARsOahxdHXx68aRkzA9d3hrV2K6Qzrzg8qGrzjXuB2EWBz3WVuhnoWmxR96iPS0m1qgAmob48ri5e-R4kCHO-BvnS6Yeca21uRf4qRkU5Vbvyxjse9VkZfSsjMu_2-1iv7YS2R5WDjS5cks&cry=1&dbm_d=AKAmf-AfEs9Ovvc2bzS8Cp1EHUpmK56CbkhgCG6mVJRxzJ4IdCqaPpnkcEWZ_ScDbLk84xydisbs7jcmM-D700Ecn_iqEHA6_64Q89FP9xpl0cjzmbNV6LitJZy06ginHXE4Lzs74MLFgScVUk13eY1MTjQs-oXiRBI6PnmQIxO4Jbkm-lNnrBPe-qhsEkrBK9SJlF5-m1zK_4wSSwZtkWAGhsEiyVTIfrUDXX1nvz9Lya7Hyd0-h6B1JFhFDYINsTqcYurx3jCPnV7vPD90fF7jNgbLOo1mq_28ksufEOCtiGFzPyjo7ZBpfHWvuqt8qgKRKn8IjzMQjpEA1JPNgZ-BT6ZdecbBjEAu2EgGhs_888e6JOdyiaKiooURFqc2NWZaT4EHiliv7L0sMh0i0pheBqpCq3rjAO95EcBn6Uw7vXAZ-Zal9Lqtw_VOCz7UjEL97lY1rh0XhK59tBvhgsowNcOa9i8RXGFzD-7P4nje-mujUBnbxd6MrKgUDtAshYX-sAYCcVWDiS0mqXmokBEQt3fcJ_PYFMe7Qq7-YHy0q-wJJolG2kPh8vidVux4t_-r-Tmy1UnNKFW-PsiOfpBjOWifHnDO2TPhUPtcV9qY4IwXmyXRxMsvRC50UOZpSPgaWsflff6YLbugIFpeB1Yh9-8jtmpOBfFITdZElFlJJCQhBne_6G0WG8fK7DwlksX3Imw-DaOcHp7rvGM0pPAGMAnFeLrfNw-ZRaT1yeoeInKpxDsqpm_VRG7DZPq7qtyXnJ1WrsfRqJJBQVhsLRctIXzBya0Ojllo9zYUVlA-uaYGPyvGWPblzV2H9zx9RuBjpEVxSJX_vt9c1q0LFxcLQTF2Yxp83OSsX9kvZH4EmkQCMIjxZYdjLFLrXG7ggthvmgcEnh7SnHie0JGgO1reYMzfHSvT8ooOCSpx0g6_omt2oNj4pIsvk-bImznTMyqt1Wagnxcad-n5Hj_h-QL6boSBb_pn_alUTDcQ1imA9WiLulU-a96ZlRRf4pfMcnj-m5Bi-_LTPUbNjsOhIWKdQvmMrKeqBVjVFJmiHSO8uyydum2L7pqLmzCAxGQT3_cE6AG7T4ezAsb4L19B53PbyPmglAz3J8aHVLE4x-ssCgw_Bv7T8oGN8jV21WKaKKsc22o5M_Gbbrpompumuozdbo7wTXvEcFasxu5Ii5pBd3ppn2RFoCxlsBGCd99ILVhIVlD9R_3uthUL4cWu22uhzd9pL4EShgadeOk3-M76Q_SQIEulu13O1LYtJM3RzWsa84Mo32dY23R7qm0nUnTmzMxIMUYU8HJqrJ48ja62mNCXBNUZ-QXmjmggsGLKKvHLfbM_baa47lVOlpQtoSEidvoxk4ArFcXkcFuhSxqRDngoAPYs0PqABEEGFxN1h9xxfvisF8Q_uJLWIAcCixc4P5U9Im2ZiU7KG0LIYHQgFwajMeK-uwee9p7Bx8Q2XlP7_Q2cj4by1PGD7OFfi1J4nrgV24xaDdqqUOKOchprQtwypx7mIki4OltMydmrC3seg8cykQ0ZgiQTeFNLiy-ChDgzye62QkBwU-S1yhlp8Pywqa4TxEfyujgCTNTWxpNCAriZAVd3AwOeuQFMZocFkecKzzNx76jmmZIWLSf1iH0XG0zXRF4Y5vDHJCqsfKc0Sg65fbybe3lpNk71GmaAntA4j0hmlCB8qsH6zmylhMm6f3mLo_9g8ImYbfi6R8zvrIYijENL2H3_DejNcykrD0PFuJBdRmSxRcA32Lw_hZzqz-ZmYvyZl5rv28a5jL7ekCcR2GifO36yJbnjO3ZgG0FmU4zzQUN-m9KPwpzkwaf5LrA-KOd9ocPAqMaE94vEVpp9gCQR1MxaiilrLe19sLLK0W4jbZwLDR6FYo5k71OZ7Gxe7bYoMIfb0HWWajd15aKAWOezpyE2TtzPtHOIcs8R9Bn9zhOQm0jd1kN2-KUJA_0sj48P333_WR66qo6fpAPBHo6qBw2AfvFSqcfBspXrea2ufpHeyByWZ9j0SHvCxcV_J9_pmVtRjjUSD5rUhu8K8Z3XjgqPyIxMvfONrc5Je4oz7AjH-VD12MMMRLsY2fYQHcrNrk0yZrRNkZz-rypX51OHuvV7wKgnmCd4lXGtnO90wlkWlaIadgKJ1hA8mFIkSQ2kuUuZys625sXppk1EeRnBC4j4ioPBp5KigR9iHR3kZm_Td26J_aIP77O_z2JfRgGDSCvM9VhyZuz8nv0P-Qnrt9k2s7iK1DScqQhZU39tsCsOOomZ78pQz5qgAqs3E57aWfGLEQGyWi3YOQqnanO2tUZwHOnJ8i3U2mUdFzuBqMEVWg31Xw8_80AOaaeUf8mMBZtC9A2QH13BZHNZ5v5cBNBFKnFPbWMuM5GbqZepS2IQu7vUxDstWMqzldOnqt00uIG3aP4cp2gyxoF56UjvgU2WFD7eM07hySlT1qVLM3DH_Dwn1Hx0pYiKqkj9Yz4TWsuLrQM03hihAeIDt8SNQES0DOyWkpQOzvcsd5iyGH5On143Z3gO8NjyXZgMJkmcSjt95bDGRieB9cfcWnIoSt3fwZnDlNOQhDqcdNKaT4zxUJ3XTOBwjc-T1WmmWq5QebYAOU80dDmLV2UV3XKl47RpJ3nlrHvjuox__8IOygH7o5uFtW2_3JKmwhN1aNV-PpcYeBxN8YhcYbQ_bSLsjxqNc7AkOdbzY_jsGfLhwl98JPq1BaZVLk6ijPirs9pFZsgqlooHunH6bFxytj8hpvIiEcTL7pSy_kgG_APvRS8sVo0ynuSqj5YQZIOiSXnze2BytJzPNaW_H1HkvWv_9k2RbICFU-aAa60ZIqtK_sMajQDRGbOTvYuP8OcRnL4X9y0nmRAEKBpnaaqn6s05JKH9S__9AqUIsVuTBYHKj9l9EUrz6xFrETTbrASLT-E3bzMykfSJyqLQjiM6DmxUYwtYybAN4AvYngIGdyKO4JUilL29AxeJIrHPWBqFQB-HccqDJBV2KyoKgQQOOCn4nHPv8owEN0MMgm8kjw9qae3--N3neHkJwgJ1kU24CSg6f3HfBcqXbs-aOvfuDFoNErcfUWv1E3wHu5XmB2BRE8TAcT1iKUSh1y8QMWlbKNAAhJELJGVCQnMFk5iQHlc1Amnnl5Kn7Ne1S80TXB61-pb5iQsiym-t-gdIxYMLycqEdARrk4fJ_l5zXIu8VnHyjywsI4D1DDuU6uXUOfmdN8dQSKys4YKvdPNs3iMtPzyTFWTtKjTgCAEb2w8aKchSBSHT1l6QOXL4Yz7XUIfEkj4YJmt4uEj3ExMKnczrcQDeGsd6HT5z0ICWyqGEUuUghV6Up0VaS-JDwFcIeKqlJO5rGrVoHgcDZxVvizpSBbSyB2ZUdy9ng7tBxWmutFI0p1v8TpQ8pzorq7OI4idi925yVEBw2aCkKjn_KZFZh5BwBsEzm5BuFtTeOO1sv68d6jMWW1dQ4VqYRnxLaGSjBgQShKocOUkfWXYHucchQ3JqZI-QB8sxLzJDu7ZcdqZbExThKNkExfRD5EuSs_s-FzT30HCEPuL87vnJOlofOQar8UkJzxX0VEJ2-zoT_m_1ZUvD05WmGJUxENTyygxzksmodcLFmll3yHrX2753E48echdT2Zw1p2BWjPb15HMyAwwaMvTJ6srtq8hLOdu1hkYdEQxMkIdrZV6GtOyqCFc&cid=CAASJORomSqWr3nf9hOHjRY91p_key-hg0tcJ_skONVJLMrZ4RGsmw&rfl=2%2Chttps%253A%252F%252Fwww.staradvertiser.com%242%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fad2d359162cdf19ffb1e1aabd623710200312ac634f186ea58dc7fb393d615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33751
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 609D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuEUcBRPwHfgS11gUVO8wjvO6AcTV1a7Ipw51UR7jKkr8QC5aKKa3NXMwlq0wgGQLGFFdR0SFnEc_gLV_5e417oRtiD7gOOjXQcmRtQ23rQs-Kxr4
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 609D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 609D 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 609D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:53 GMT
l
www.google.com/ads/measurement/ Frame 609D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmlp7cYrMhsIlprQN6nt5odEx98AYsD3E6ldkKDeF6CPhV5OrGRgoWGl-SzdTUjXHY_Agi1qSuxzugBad2ykU7-m2Clg
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 609D 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31g1qapd2e&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjMzMDcyMiwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn19&sb=undefined&cb=2048618&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:17 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 36C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgMZKdy2ugXnNfqU6e927A&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgMZKdy2ugXnNfqU6e927A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARic-P3EATAB&v=APEucNXKXsQ-IVZra42wTuXtRirrx4OMswOdQNGAO07cB2v6SEHMndf2qsrDHa7mHjemxSSW9s3kQ1LJGSnRMLKVQp1Lq7dhnB290aEfKy7zeiRfjWKyfvmPX-hZ_4J4dAM_RSWj84evFlqZ_hE1gGtci95-cewm3761THAXI15ay_Ac1OqFpks
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgMZKdy2ugXnNfqU6e927A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 36C9 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARic-P3EATAB&v=APEucNXKXsQ-IVZra42wTuXtRirrx4OMswOdQNGAO07cB2v6SEHMndf2qsrDHa7mHjemxSSW9s3kQ1LJGSnRMLKVQp1Lq7dhnB290aEfKy7zeiRfjWKyfvmPX-hZ_4J4dAM_RSWj84evFlqZ_hE1gGtci95-cewm3761THAXI15ay_Ac1OqFpks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 36C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJWutVfNDX3JB5xYfU1n-mM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJWutVfNDX3JB5xYfU1n-mM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARic-P3EATAB&v=APEucNXKXsQ-IVZra42wTuXtRirrx4OMswOdQNGAO07cB2v6SEHMndf2qsrDHa7mHjemxSSW9s3kQ1LJGSnRMLKVQp1Lq7dhnB290aEfKy7zeiRfjWKyfvmPX-hZ_4J4dAM_RSWj84evFlqZ_hE1gGtci95-cewm3761THAXI15ay_Ac1OqFpks
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 29 Apr 2022 09:35:17 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEJWutVfNDX3JB5xYfU1n-mM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 36C9 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARic-P3EATAB&v=APEucNXKXsQ-IVZra42wTuXtRirrx4OMswOdQNGAO07cB2v6SEHMndf2qsrDHa7mHjemxSSW9s3kQ1LJGSnRMLKVQp1Lq7dhnB290aEfKy7zeiRfjWKyfvmPX-hZ_4J4dAM_RSWj84evFlqZ_hE1gGtci95-cewm3761THAXI15ay_Ac1OqFpks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 29 Apr 2022 09:35:17 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2EBE 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
Origin
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 13:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Apr 2022 13:26:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 2EBE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:27:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 2EBE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0774 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042601&jk=164214603234511&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
partner
sync.search.spotxchange.com/ Frame 59E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBwmVIiYX6n4UhMoIbrXsYM&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBwmVIiYX6n4UhMoIbrXsYM&google_cver=1&__user_check__=1&sync_id=adfa1ee3-c79f-11ec-9086-1189f5600306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBwmVIiYX6n4UhMoIbrXsYM&google_cver=1&__user_check__=1&sync_id=adfa1ee3-c79f-11ec-9086-1189f5600306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiL3v25ATAB&v=APEucNWi2wcZ4m9G9Zzh25TCs1OPLw1NdYTEDGd5Wu8qTFYzgSSV6YIzjeqXaE7owx47gkqIB4zer-5z6iED8H1POP06BKA7GcKFE_xeyRJnFy1oekD8UFTHXqvKp60N6xky-UsG-yPEkP6BVGI1CzRiL3UVSHgbDQv2r00Ww91EgB3v-zNsAWo
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:17 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
65
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 29 Apr 2022 09:35:17 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEBwmVIiYX6n4UhMoIbrXsYM&google_cver=1&__user_check__=1&sync_id=adfa1ee3-c79f-11ec-9086-1189f5600306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
99
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 59E9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWRmYTFlOTYtYzc5Zi0xMWVjLTkwODYtMTE4OWY1NjAwMzA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWRmYTFlOTYtYzc5Zi0xMWVjLTkwODYtMTE4OWY1NjAwMzA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiL3v25ATAB&v=APEucNWi2wcZ4m9G9Zzh25TCs1OPLw1NdYTEDGd5Wu8qTFYzgSSV6YIzjeqXaE7owx47gkqIB4zer-5z6iED8H1POP06BKA7GcKFE_xeyRJnFy1oekD8UFTHXqvKp60N6xky-UsG-yPEkP6BVGI1CzRiL3UVSHgbDQv2r00Ww91EgB3v-zNsAWo
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 29 Apr 2022 09:35:17 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWRmYTFlOTYtYzc5Zi0xMWVjLTkwODYtMTE4OWY1NjAwMzA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
133
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame 59E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc&verify=true
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc&verify=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiL3v25ATAB&v=APEucNWi2wcZ4m9G9Zzh25TCs1OPLw1NdYTEDGd5Wu8qTFYzgSSV6YIzjeqXaE7owx47gkqIB4zer-5z6iED8H1POP06BKA7GcKFE_xeyRJnFy1oekD8UFTHXqvKp60N6xky-UsG-yPEkP6BVGI1CzRiL3UVSHgbDQv2r00Ww91EgB3v-zNsAWo
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJ-5QrkDzAb2nMWGjfPAuNg&_origin=1&google_cver=1&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc&verify=true
date
Fri, 29 Apr 2022 09:35:17 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 59E9
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPadf3666f-c79f-11ec-bd34-02087eb080fc&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBhZGYzNjY2Zi1jNzlmLTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBhZGYzNjY2Zi1jNzlmLTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiL3v25ATAB&v=APEucNWi2wcZ4m9G9Zzh25TCs1OPLw1NdYTEDGd5Wu8qTFYzgSSV6YIzjeqXaE7owx47gkqIB4zer-5z6iED8H1POP06BKA7GcKFE_xeyRJnFy1oekD8UFTHXqvKp60N6xky-UsG-yPEkP6BVGI1CzRiL3UVSHgbDQv2r00Ww91EgB3v-zNsAWo
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBhZGYzNjY2Zi1jNzlmLTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
date
Fri, 29 Apr 2022 09:35:17 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generate_204
tpc.googlesyndication.com/ Frame 9851 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Swjqgg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 609D 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
Origin
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Apr 2022 16:41:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 609D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:27:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 609D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 May 2022 09:32:47 GMT
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 6C29 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2EBE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 637A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
13293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Sat, 30 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2EBE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de1e0d9e8971a669bfc97e0927fe8aa73993247af029225547bd3dd3e9c9cec6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame BD6E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fOkUUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 609D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DF44 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
13293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Sat, 30 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/6194963934245524570/ Frame 6395 		23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c636969eafa7311984f376fa0866fc454bf268e6657f5ac76aa8dd2e6678d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
178767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5312
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Apr 2022 07:55:50 GMT
expires
Thu, 27 Apr 2023 07:55:50 GMT
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2EBE 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfKljg-wko_ytRUxoRkLTRMsReej7JF6ZHVAxf3dGOGAr5c__Bvywew8765b9fbeg7xwVljvH0-_oJXOKTMAZwIxNuYOPrjjU1W_r5-6J6_l8RYOGZ1aBA7nuQhKy4WVgcRvdlmPy-cTxzwTS_ZuLroKhIAM_ksT_AyxOMEd66Qa76s5TldRewbiPTlwyTm8Tc6n2bDWflaffIohurr9sA75LIA1A18w0GsxLQ2RmkvrydVL0t5qpsbxiz-cgvFHLqt0oUFaAujwVEVjHjQpWVAjl6nLjMpJMo60kPTJyc2hEMUy8GI3N-udqcS1Lz2kkKA_BfntpUJG9_BRpPgBeIgxtXU-w3QkL4nxOij4C2IM0gR8mkzINpwdj-gyU3pk0qPZYJ0UJ8NL6XH1j6rz1Ba1J0osM90zievvgvwmK3fsU5F5rx5vFUTfbL0-3wgQtDYdKGPhu9pPAyUouxSNovSycIMQVtpFdYEDSYJLVOHQ1PPE1m0VN0hZ-uTKiJmJDaYo8wZRZ41gOfdcA_iuSdUZ-xOusoj5zUH2doFoGR8sLnXsFpBvLZ3yDlVXMwoiAw9Q76mabnBOYlJdj8c2dVJVg6ea7kjhiTv9I-c6ek31TeTZO59PxLgTzN7RIiwmDJiI3B8PpFO3VrFmrWqPGcMVZP9Lro5K7Rry9KHWzuAQg7Nx0LOaSEJ8-Nb2HIDn97YBhy7tBHfhQXYW5SLoO2OWbIvMjxDO-HffpXRaLRkpuabWKM6LqczIVJM22wHSr3KB1gcfl4JbPO8mbT9B1I0FMjg8TpfJLKR9_6EBWUfxSeNegXEE6datXTjCftiDp8kD7VNAFbO2mPCsGziAKTe0TNfjBWwz8gWwN-n9u8CwP3uDnlm3_VZSO7hZLSfBtOVZhwI33DLPoDneZO1KasbecPKyIjt1y5XpnJgYShIqD56NKnlyqxj4gBTn_2TMkxGyDAPREoFK-xESbOP2R1xOMUsN5kOvuVYzB2ZjTYNTFA6WjdwTiFLTZKZBuE95sCRwpbxOJCnjOqU4VGLlCvhThVsv9OjgGK8utZYysn4V2Mj61aLxy8IC-0_8RiQ9FB0qKaOB5CI4TrhzMnYvUGjKyRi5tMOefchRqmlSNMmPEihWngwNl8ywv_wuDI8sjYN-nAlqNhVGLnxnAch6s6fkXvvOT3vAu27LGa1gD8tfTdOOYnBU22wuri-sjlsldUZg1vEiFOYl71RPPOGI96ayC0E0D7kUQAD85IhcHrLlKwshwWsF4Df_hByXHaBpf0zbjIvFFuoOsGjaxan3aX2J0&sai=AMfl-YQeQMXskllLKCeni8E9hw2p4aCPDNh3IE_oW7BAG40kmfCUunzHn1MJm5ncCF8rduFzvxx4mNyd5_3gFlmg8luAcPU2wfsn4q2SMtK4YtbWZRIo73Sz2T0w8akzD6DO-4Ce7iulTGCWZC3u4dlkhe1mW6Wd5DKUBmNiCIlm2Gfyu2Tq9JeuqNud4G-5amODUQIV_zIzO8PSpxu_0ZCofQ&sig=Cg0ArKJSzMG-WnyeeCp5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=247&cisv=r20220427.94662&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 29 Apr 2022 09:35:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 609D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
034018b02029678b3ac3c1ed20ca7d1551fba13a6a1a38c8210ee5e21ef82f28

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 3CA2 		113 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56bfc89aa9c7aa97db2e2d727b124c66255a19070cc324c9526ff3ff75de8d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3000
content-encoding
gzip
content-length
28832
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:17 GMT
expires
Fri, 29 Apr 2022 10:25:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 609D 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunzVlTDS10xq1iI3IXAtpx3yc4SfjS-USMOwCEKxA-HaTZZs625dSV48AkLTG0ibKLSoaGzZyn9JjM1E8ZAgrw6aZpLtTOLCnc53fMEy2-KBj9-rF2wVVc96iWF8W3eRtNe7hJ4R-j6PEg70t_JdJtnu9NyvGVV6ZUxdskHlahfLlglHYB4WFWR_KKeZQT_WlkAc_JqkTfwDmHOF7ks2dKdlmJtL0o6-g1T9H7k1zH0peAS5WcGluJwELoSqbTDiuQnu14HC7Rm2siDPGuEO86pBnMB8_jc0RY-0QigdPlUZkFUoAI2Q-DKHBH-DB7T8j9a-t5mS3-8-yZdNxPeLDtCKYz_XD9Fq_60TrmHMxRsjK5JBjzbRC2Tyqor8tNeq3_llzuq4TNOPXQ1Nn0dlqBayoXeBw8gUGnRoR5d5sQn_E5jTTUZKJKDM2Y6VV6z-U0Qk63p1EZfBSE4rodTB1ZaX_ZyJ8DCu_dUlg9KqQyG2bM_upLCSFo6ciRJ1UFp_v5zG-pYQN3FpHw3qsC00iQ_--ZyAOJrNAPo5UYoO4FJU83SopOKc1WEdxSw59ZK8aXqIXPiPbnbN4zjDNTX_oq3mCuGUyfk9zc67Qt4NSpRAHUSuoJUiw-g4NRnoor4SPVa40RuPC5zoJuQCZboLIkCQPB10qYMfrZK4RuwrWmDopR1HMuoC33uBzoKDXVyx35RGNeHe_NCi_swpvVEEreMYrh_jT6gamF-O6voRS0uZe_nb2kc3JROYTM67IMd5zHASy7dZODU8xpQaaneC6OSDLLn4b6SQO3x-4LP7Lq8KBYC6eilFShQuWOR0fFHHaiP3-ltcDBGi7PohRFDqSAN4O1jvoegz1a9-BGVJEtHp_vaSm01LwWd-k5Qvplujk348njQqbHsE3k7Jh2-OpInucf5AUbDvGJ_QSMyLdFC5g_GIwrpibYdpNIn3t3Arnx_-77voF9c9Ra0tRfZosvVTX2gMNshHMlPpz3B8sNKc1fXKvNKRRCPdUawcgl85PMnbtMC6YRoaIgDnuV7ZB2h0trhBJicF6x-ZOjZsLOa2IV53SOJaRq5nrxsKHv_GMzDjFYXLlCkPQpGvPvXT3aIJFig9Sn1nmRyrS4ZlcaL4hdh35YoFjapTSQBbWk7fF1HTzL6dRcMW1H2Ayx7iJH8TOy7Y7IbgHrOiTV3dHcBKjsoYpTkqLRXoow-Og1jm0boFzj9hWqV_x5CTBO3pHeaROv-5WOsALUc-SFnqGtb--boqkuZY9iwnEDmQF82fbsRiePazKdRIQx8ztIYvrzLlgPImbkDbk-CBU&sai=AMfl-YTdVH9Cjuv_qV-ygMyoyEbcUIMSdMI_5laBogDM2C711nrLlw2whJXGG387Ad_7MOb_WlwPgpKdrDSFiZUyrWLIL0AZYDKE4iPqeaMqaRla1NkLwtxCJT6YOEoLHwC96Xu2FRHVjfO1fS5yznynuMqocQQm8_EVAn0Yxb_SQunZJQ0z_1lABZfVJgmJMPFuPeGB1lFCiw5IKfxfmfC6JA&sig=Cg0ArKJSzC88Kc_lRl0lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=262&cbvp=1&cstd=255&cisv=r20220427.97513&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 29 Apr 2022 09:35:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
B27028527.324263008;dc_trk_aid=516479995;dc_trk_cid=163565735;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0gytjGXWJLoQYGBZuVcL8L7;dc_pubid=5;dc_dbm_token...
ad.doubleclick.net/ddm/trackimp/N834873.279382DBMAIRCANADA-14320/ Frame 609D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N834873.279382DBMAIRCANADA-14320/B27028527.324263008;dc_trk_aid=516479995;dc_trk_cid=163565735;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0gytjGXWJLoQYGBZuVcL8L7;dc_pubid=5;dc_dbm_token=AD1EzRQAAACtCqQBCgwIABUAAAAAHQAAAAASDAgAFQAAAAAdAAAAACISCLSCpLw7qAKju78BsALf6KsMQAHSAioYASITCKPT55T8uPcCFdOW_Qcd9xgKvCgBMAE4uYq_qKwPQAJIAViZgSCqAzZDQUFTSk9Sb21TcVdyM25mOWhPSGpSWTkxcF9rZXktaGcwdGNKX3NrT05WSkxNclo0UkdzbXeyAwkIgOGAEBABGB0Qi979uQEgJ2-I2ZbhnSnpUtU3w6Mp?
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2EBE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
99047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ats.js
ats.rlcdn.com/ Frame 5E3B 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17703
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
7enBKzKnoYciJQEq5_JcA4FU7fiXdzwWXnVvyZNkWKgU9A2bdZ3Vmw==
36dc0937e24e96ff1342e7b9b1fb2203.js
s0.2mdn.net/sadbundle/6194963934245524570/ Frame 6395 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/36dc0937e24e96ff1342e7b9b1fb2203.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86ae6fd6baf0d2a79d19456e8b222842a469f766a64bd7b2dc9cfdf704163842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178767
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19012
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:50 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D3CE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
99047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 637A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAuZjO45wni3XHNGpSTPjm4&google_cver=1&google_push=AYg5qPI_0ILtJziLSWxdgu7hg1H4njX-qXsF3ofR38knrIPihZluLRnA14...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI_0ILtJziLSWxdgu7hg1H4njX-qXsF3ofR38knrIPihZluLRnA14ra8cBnWnGGSx1fzsZnryxggC5EVaSzZFcssRcE3His&google_hm=ZtCa7GXjbWo_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI_0ILtJziLSWxdgu7hg1H4njX-qXsF3ofR38knrIPihZluLRnA14ra8cBnWnGGSx1fzsZnryxggC5EVaSzZFcssRcE3His&google_hm=ZtCa7GXjbWo_LWeKUHDvSQ
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI_0ILtJziLSWxdgu7hg1H4njX-qXsF3ofR38knrIPihZluLRnA14ra8cBnWnGGSx1fzsZnryxggC5EVaSzZFcssRcE3His&google_hm=ZtCa7GXjbWo_LWeKUHDvSQ
pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 637A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhH...
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:18 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70370bf9492d021d-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
69188
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70370bf79f01021d-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKSOXiszA4iyeVf-04JX4w8MsSNYZ1AMBSH4aEaOhl47vs3vdcymQ9NEDHvCITmFxjdqpK3QVkXjtXiGYSJgCGPUAxlMhHf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 637A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEESQD_Ue6d1qa7ewn6nYQ7A&google_cver=1&google_push=AYg5qPL1eNUGGAdK_l6ClwJDJ38vrz1JjEshpqod_bEFlWDIg4p_caqml6D-2RLXnQkRLrpv1mqJFrvQLEDARyJbeFWpyfv...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1eNUGGAdK_l6ClwJDJ38vrz1JjEshpqod_bEFlWDIg4p_caqml6D-2RLXnQkRLrpv1mqJFrvQLEDARyJbeFWpyfvc9aKG&google_hm=MzU3ODUwNDk0NDg3NzYzOD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1eNUGGAdK_l6ClwJDJ38vrz1JjEshpqod_bEFlWDIg4p_caqml6D-2RLXnQkRLrpv1mqJFrvQLEDARyJbeFWpyfvc9aKG&google_hm=MzU3ODUwNDk0NDg3NzYzODk5OA%3D%3D
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Apr 2022 09:35:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1eNUGGAdK_l6ClwJDJ38vrz1JjEshpqod_bEFlWDIg4p_caqml6D-2RLXnQkRLrpv1mqJFrvQLEDARyJbeFWpyfvc9aKG&google_hm=MzU3ODUwNDk0NDg3NzYzODk5OA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 637A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kutm2ju7rwkIPr9j6Eh6p3oqmAELhpNt0-nyBGD1yBIw
Requested by
Host: 13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
URL: https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame DF44
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAuZjO45wni3XHNGpSTPjm4&google_cver=1&google_push=AYg5qPI7kqOU1xpyfTKB31Jx-sbWyiNrqS8NkiuSGxK8NYcY2JZ8_03SUt...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI7kqOU1xpyfTKB31Jx-sbWyiNrqS8NkiuSGxK8NYcY2JZ8_03SUt2GzME-VILta1YQW6Pp6zu_WDlqk45YkTP2QXqikhathw&google_hm=ZtCa7GXjbW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI7kqOU1xpyfTKB31Jx-sbWyiNrqS8NkiuSGxK8NYcY2JZ8_03SUt2GzME-VILta1YQW6Pp6zu_WDlqk45YkTP2QXqikhathw&google_hm=ZtCa7GXjbWo_LWeKUHDvSQ
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI7kqOU1xpyfTKB31Jx-sbWyiNrqS8NkiuSGxK8NYcY2JZ8_03SUt2GzME-VILta1YQW6Pp6zu_WDlqk45YkTP2QXqikhathw&google_hm=ZtCa7GXjbWo_LWeKUHDvSQ
pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame DF44
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavm...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oa...
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:18 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70370bf9492c021d-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
44126
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70370bf79f04021d-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOIOdkr6Pl9m8liy8ALVkGU&google_cver=1&google_push=AYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9xdjaykFN6DHTQGNiMgNSwEv2CHHAC5ZHVEOok1-44yRP-ile7LxM9r0djgwH8bvhWELtaLx7Lp8bU9eDuQuWqBhG7oavmQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF44
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEESQD_Ue6d1qa7ewn6nYQ7A&google_cver=1&google_push=AYg5qPLjqBLBF-Bex7AsWVnX-MXj-MPjB_yS9M1QMW3uqjQv_KKXce7Au0EGv58aKOwfB-ws_kybxEDe514LdTuNAgK7WxQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLjqBLBF-Bex7AsWVnX-MXj-MPjB_yS9M1QMW3uqjQv_KKXce7Au0EGv58aKOwfB-ws_kybxEDe514LdTuNAgK7WxQO2R2pgA&google_hm=MTI0NjgzMTcxMjgxNDgw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLjqBLBF-Bex7AsWVnX-MXj-MPjB_yS9M1QMW3uqjQv_KKXce7Au0EGv58aKOwfB-ws_kybxEDe514LdTuNAgK7WxQO2R2pgA&google_hm=MTI0NjgzMTcxMjgxNDgwNjY5NQ%3D%3D
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Apr 2022 09:35:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLjqBLBF-Bex7AsWVnX-MXj-MPjB_yS9M1QMW3uqjQv_KKXce7Au0EGv58aKOwfB-ws_kybxEDe514LdTuNAgK7WxQO2R2pgA&google_hm=MTI0NjgzMTcxMjgxNDgwNjY5NQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame DF44 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISGpEYeqm-i5sTXnANJ0APW85RZH0J3RVYIbTtfYVZeA
Requested by
Host: 1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
URL: https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ats.js
ats.rlcdn.com/ Frame 3222 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17703
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
Bvyv_fqztGGTArBbMerFOl3rXHjWPRWnECeeD-2aPzehNOqqDjw4cA==
css
fonts.googleapis.com/ Frame 3CA2 		4 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54e965f39e65ff1389722a89dd4dee4fb29d67467a9fe36128ec79d76058a044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:57:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:17 GMT
gwd_webcomponents_min.js
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 3CA2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5622
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 29 Apr 2022 09:35:17 GMT
Enabler_01_238.js
s0.2mdn.net/879366/ Frame 3CA2 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_238.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 10:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Apr 2022 10:03:54 GMT
generate_204
tpc.googlesyndication.com/ Frame 6C29 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SkuQtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame 6395 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/36dc0937e24e96ff1342e7b9b1fb2203.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09c57c1fa6f8e1339edeb5e8a763182f3ea2c866903f5cf8fa51f11ea21c5ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 08:00:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:17 GMT
e07e0aee7d1fe563582381b03781dd9e.svg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/e07e0aee7d1fe563582381b03781dd9e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9872c347a4672d8f795ae68d33e71cd09d2695992dc07977a8d3db3bb586d721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2126
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:51 GMT
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 2EBE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame D3CE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 21:42:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:42:16 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 3CA2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:18:51 GMT
x-content-type-options
nosniff
age
213386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:18:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3CA2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 18:59:49 GMT
x-content-type-options
nosniff
age
225328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 18:59:49 GMT
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
17703
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Fri, 29 Apr 2022 04:47:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
iAGDlwOqx_5hSfYyArgORsrYXCv_ViMjGTqIxVy3Tj95DV_CzsXorA==
css
fonts.googleapis.com/ Frame 6395 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/36dc0937e24e96ff1342e7b9b1fb2203.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 07:54:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Apr 2022 09:35:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Apr 2022 09:35:17 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 6395 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:12:19 GMT
x-content-type-options
nosniff
age
231778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:12:19 GMT
7ba879992a2312211dc6f6b62a54e8c9.svg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/7ba879992a2312211dc6f6b62a54e8c9.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16f47170060181280b60c8366c80b5a4688dab4f5e72a8c19b6dcdb1ab46a4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:51 GMT
003b7770c5db60485969211ce5f8d149.jpg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/003b7770c5db60485969211ce5f8d149.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0724e2502860eabff470babca552cd1a5d23312a5a5aa86b6d4fa1bdde4ca969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:51 GMT
x-content-type-options
nosniff
age
178766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8719
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:51 GMT
cf76a04d71b2859fd381826111d09d83.jpg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/cf76a04d71b2859fd381826111d09d83.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59cf99792109810f5d663f201f31a03cff810ed2132ccf824c56b3758762cfea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:51 GMT
x-content-type-options
nosniff
age
178766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8651
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:51 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c0b29e6fe9b637641c352f93c201dcc4c5f2d61b1c450e0ee246b18f3c504aba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:17 GMT
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
60945cd8-63fb-4b36-b2a6-74e1dd6fc5cf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969da301757594a0c49518afc10016&pos=8a9695e3017777b66e76bc36403401e5&cmd=bid&secure=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e6898529a9fb3345836ed98cace5af4654256503bcd69fd0df13b8745ef44d45

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Apr 2022 09:35:18 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		94 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2261d14647800df1%22%3A%225ada8bc6024f756e9ec4%7C300x250%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&s=829e7a4c-f0a5-4d0d-960b-f22ac182d51c&pv=0946acf7-1b38-4614-993c-a329d1a4f524&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
202429ccb6f57188e34c3984d9c0a594d0497eb4c7bb4674453680e5057d9cd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 09:35:17 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=359592&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227c31c42f0dfb03%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228628b197906a18%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
02b37a706f12d1dadb67d054d5c88dc6b266bcd97f818d6af28a64b908e0dd1a

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:17 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[217.138.196.102], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
27
expires
Fri, 29 Apr 2022 09:35:17 GMT
bid
ap.lijit.com/rtb/ 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
22a46dd7af4f7c8a5df89fcbef80ec062753f812b71d31aeb4a0d0ad70b405ad

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Apr 2022 09:35:17 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
view
googleads4.g.doubleclick.net/pcs/ Frame 609D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunzVlTDS10xq1iI3IXAtpx3yc4SfjS-USMOwCEKxA-HaTZZs625dSV48AkLTG0ibKLSoaGzZyn9JjM1E8ZAgrw6aZpLtTOLCnc53fMEy2-KBj9-rF2wVVc96iWF8W3eRtNe7hJ4R-j6PEg70t_JdJtnu9NyvGVV6ZUxdskHlahfLlglHYB4WFWR_KKeZQT_WlkAc_JqkTfwDmHOF7ks2dKdlmJtL0o6-g1T9H7k1zH0peAS5WcGluJwELoSqbTDiuQnu14HC7Rm2siDPGuEO86pBnMB8_jc0RY-0QigdPlUZkFUoAI2Q-DKHBH-DB7T8j9a-t5mS3-8-yZdNxPeLDtCKYz_XD9Fq_60TrmHMxRsjK5JBjzbRC2Tyqor8tNeq3_llzuq4TNOPXQ1Nn0dlqBayoXeBw8gUGnRoR5d5sQn_E5jTTUZKJKDM2Y6VV6z-U0Qk63p1EZfBSE4rodTB1ZaX_ZyJ8DCu_dUlg9KqQyG2bM_upLCSFo6ciRJ1UFp_v5zG-pYQN3FpHw3qsC00iQ_--ZyAOJrNAPo5UYoO4FJU83SopOKc1WEdxSw59ZK8aXqIXPiPbnbN4zjDNTX_oq3mCuGUyfk9zc67Qt4NSpRAHUSuoJUiw-g4NRnoor4SPVa40RuPC5zoJuQCZboLIkCQPB10qYMfrZK4RuwrWmDopR1HMuoC33uBzoKDXVyx35RGNeHe_NCi_swpvVEEreMYrh_jT6gamF-O6voRS0uZe_nb2kc3JROYTM67IMd5zHASy7dZODU8xpQaaneC6OSDLLn4b6SQO3x-4LP7Lq8KBYC6eilFShQuWOR0fFHHaiP3-ltcDBGi7PohRFDqSAN4O1jvoegz1a9-BGVJEtHp_vaSm01LwWd-k5Qvplujk348njQqbHsE3k7Jh2-OpInucf5AUbDvGJ_QSMyLdFC5g_GIwrpibYdpNIn3t3Arnx_-77voF9c9Ra0tRfZosvVTX2gMNshHMlPpz3B8sNKc1fXKvNKRRCPdUawcgl85PMnbtMC6YRoaIgDnuV7ZB2h0trhBJicF6x-ZOjZsLOa2IV53SOJaRq5nrxsKHv_GMzDjFYXLlCkPQpGvPvXT3aIJFig9Sn1nmRyrS4ZlcaL4hdh35YoFjapTSQBbWk7fF1HTzL6dRcMW1H2Ayx7iJH8TOy7Y7IbgHrOiTV3dHcBKjsoYpTkqLRXoow-Og1jm0boFzj9hWqV_x5CTBO3pHeaROv-5WOsALUc-SFnqGtb--boqkuZY9iwnEDmQF82fbsRiePazKdRIQx8ztIYvrzLlgPImbkDbk-CBU&sai=AMfl-YTdVH9Cjuv_qV-ygMyoyEbcUIMSdMI_5laBogDM2C711nrLlw2whJXGG387Ad_7MOb_WlwPgpKdrDSFiZUyrWLIL0AZYDKE4iPqeaMqaRla1NkLwtxCJT6YOEoLHwC96Xu2FRHVjfO1fS5yznynuMqocQQm8_EVAn0Yxb_SQunZJQ0z_1lABZfVJgmJMPFuPeGB1lFCiw5IKfxfmfC6JA&sig=Cg0ArKJSzC88Kc_lRl0lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=605&vt=11&dtpt=343&dett=3&cstd=255&cisv=r20220427.97513&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
prod_studio_01_238_configurablemodule.js
s0.2mdn.net/879366/ Frame 3CA2 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 10:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Apr 2022 10:03:56 GMT
369.json
id5-sync.com/g/v2/ Frame 3222 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
e88310fc5f8dbb607eabb2bcd46788ddf3539ff0b32f42676e143f8860cbf4ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 29 Apr 2022 09:35:17 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 3222 		108 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
fb73da53fe9207b89ada560726660d130592cbd60f6297aec65d680a341cb9a4

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 29 May 2022 09:35:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2EBE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfKljg-wko_ytRUxoRkLTRMsReej7JF6ZHVAxf3dGOGAr5c__Bvywew8765b9fbeg7xwVljvH0-_oJXOKTMAZwIxNuYOPrjjU1W_r5-6J6_l8RYOGZ1aBA7nuQhKy4WVgcRvdlmPy-cTxzwTS_ZuLroKhIAM_ksT_AyxOMEd66Qa76s5TldRewbiPTlwyTm8Tc6n2bDWflaffIohurr9sA75LIA1A18w0GsxLQ2RmkvrydVL0t5qpsbxiz-cgvFHLqt0oUFaAujwVEVjHjQpWVAjl6nLjMpJMo60kPTJyc2hEMUy8GI3N-udqcS1Lz2kkKA_BfntpUJG9_BRpPgBeIgxtXU-w3QkL4nxOij4C2IM0gR8mkzINpwdj-gyU3pk0qPZYJ0UJ8NL6XH1j6rz1Ba1J0osM90zievvgvwmK3fsU5F5rx5vFUTfbL0-3wgQtDYdKGPhu9pPAyUouxSNovSycIMQVtpFdYEDSYJLVOHQ1PPE1m0VN0hZ-uTKiJmJDaYo8wZRZ41gOfdcA_iuSdUZ-xOusoj5zUH2doFoGR8sLnXsFpBvLZ3yDlVXMwoiAw9Q76mabnBOYlJdj8c2dVJVg6ea7kjhiTv9I-c6ek31TeTZO59PxLgTzN7RIiwmDJiI3B8PpFO3VrFmrWqPGcMVZP9Lro5K7Rry9KHWzuAQg7Nx0LOaSEJ8-Nb2HIDn97YBhy7tBHfhQXYW5SLoO2OWbIvMjxDO-HffpXRaLRkpuabWKM6LqczIVJM22wHSr3KB1gcfl4JbPO8mbT9B1I0FMjg8TpfJLKR9_6EBWUfxSeNegXEE6datXTjCftiDp8kD7VNAFbO2mPCsGziAKTe0TNfjBWwz8gWwN-n9u8CwP3uDnlm3_VZSO7hZLSfBtOVZhwI33DLPoDneZO1KasbecPKyIjt1y5XpnJgYShIqD56NKnlyqxj4gBTn_2TMkxGyDAPREoFK-xESbOP2R1xOMUsN5kOvuVYzB2ZjTYNTFA6WjdwTiFLTZKZBuE95sCRwpbxOJCnjOqU4VGLlCvhThVsv9OjgGK8utZYysn4V2Mj61aLxy8IC-0_8RiQ9FB0qKaOB5CI4TrhzMnYvUGjKyRi5tMOefchRqmlSNMmPEihWngwNl8ywv_wuDI8sjYN-nAlqNhVGLnxnAch6s6fkXvvOT3vAu27LGa1gD8tfTdOOYnBU22wuri-sjlsldUZg1vEiFOYl71RPPOGI96ayC0E0D7kUQAD85IhcHrLlKwshwWsF4Df_hByXHaBpf0zbjIvFFuoOsGjaxan3aX2J0&sai=AMfl-YQeQMXskllLKCeni8E9hw2p4aCPDNh3IE_oW7BAG40kmfCUunzHn1MJm5ncCF8rduFzvxx4mNyd5_3gFlmg8luAcPU2wfsn4q2SMtK4YtbWZRIo73Sz2T0w8akzD6DO-4Ce7iulTGCWZC3u4dlkhe1mW6Wd5DKUBmNiCIlm2Gfyu2Tq9JeuqNud4G-5amODUQIV_zIzO8PSpxu_0ZCofQ&sig=Cg0ArKJSzMG-WnyeeCp5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=750&vt=11&dtpt=500&dett=3&cstd=247&cisv=r20220427.94662&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
369.json
id5-sync.com/g/v2/ Frame 5E3B 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
e62878772d6703fe4145eb94c1741320c9495e6efa3596d2edbda7263826806c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 29 Apr 2022 09:35:17 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 5E3B 		108 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
fb73da53fe9207b89ada560726660d130592cbd60f6297aec65d680a341cb9a4

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Apr 2022 09:35:17 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 29 May 2022 09:35:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042501&jk=54914158931145&bg=!WVqlWh7NAAZNIUvJbSE7ACkAdvg8WifZ1gNn7AdxnAgdv4-uTSa-QqEA2RtR-r1wXlEa9VHyGCBljwIAAAFzUgAAAAJoAQeZAv5-z_i2lEmOFhQ29yvw19_aF_nPj57Lx_IHz8AcZ40iy6f0gcxC99Z0mlq_5PO91f8iHRFmrITl11qV95CENHxtr9E088-3tDBO-UJic13E1H0UB_gjeyWtdjv01KqAH4KdcQsBEPCzLRe5hc-fMW3mEgkaTj92823w_VltFJ3x_H_WW5gkSgrstVEfNVk2mnMDyFBMLOm8Lhofi_1wh2ZjaR5Pv3eBwAeHxIZ6FcIxEPZqH1O1gCdh2siIYujp3vtgwFouYt5q8pa8U5GNgXoQA7UQo5TmnudXxiPEY-s5Nq5tARKXmaCFyjiA51ILSxG9awqivYHyplJLMDSKY-UWZsLI7b787BLs8oz0-8IejC5qugfaLchm8xApLEZREn1CAsI2pN0-sShdt7gVPjERdt0Fg9xsuYVZHhaMkBFQJ8yD1F5sxc0IG0O5H-AWtKPZ0wqWTUCln9_bqza4Tn_ZDodwyte_-ePGAFIQFdVHkjc-aHoGAo-_0fzaiozD2wlBrXZE78hNBfq5G2E1FPlT_9o8iMp9QdJ7DP-hSRy3ai4yMwgD-sJmbs2SWimTnONj5eye92vyykhEv4YkhDv7-0_LZD712udcXWK_Dp4bQZ4HCvcF6uwCdb4JCnr3Wfj4-mYxjOXm5BKZ_SJDsFQhDwhWF1FVnIaMi4G8bWGndqWHmZoXotVpCIXCnrsTo57PQSfCTVo-JPeGyTiWXRrTF9ts8TbNlC8nC-qCIEykMnc9EF49PBc1qr5aXqJ4_-D_7BbgE3gjKAfsq7wTmBabNnCAggB4vqfq5vUg73k53xCcPW4cMepApfAzyuItJyGtjk-KSzFlZBeLHeOra3Xgrs8hhoixuxXOE5qEFwbukM-rbMhPm9g0rAk92L9Qxx0bqWfNIbmAfoehNoRfENsDPolrGAINx04W8DUi6yfgX8F9MgAzmoK2Th7FIJwWSWh6Q4g-SFWgQhzsD2NUehaBnYAfeuAoM84ceYIgd4u-M15x5jYyZ9JzkLg1GWWH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
arrowIcon.svg
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 3CA2 		429 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/arrowIcon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 16:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
expires
Fri, 29 Apr 2022 09:59:07 GMT
8527431134859360019
s0.2mdn.net/simgad/ Frame 3CA2 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8527431134859360019
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a5c4bed39317c01fec6a3020b58a2bad43f396ef3976e6f3383a21284f37c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 02:34:03 GMT
x-content-type-options
nosniff
age
284475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23660
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 19:44:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 02:34:03 GMT
13166259294120788605
s0.2mdn.net/simgad/ Frame 3CA2 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13166259294120788605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f98faf5241d3b5844943b3bf1ff5b4402ba6db4e90992f262d147877484f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:48:11 GMT
x-content-type-options
nosniff
age
17227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1225212
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 14:42:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 04:48:11 GMT
truncated
/ Frame 3CA2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 3222 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042701&jk=685003444754438&bg=!pqWlpeHNAAZNIUvJbSE7ACkAdvg8WnSmXl-mH_W9gOg_Yo8ptoM1dy01Yd_PY19-ZfIH-roHGw4mvAIAAAGmUgAAAAJoAQeZAwQI1E3t0hIJX9Gx99A1-OjLzJlRBN-07FCRGhW0Gn-Each9FYRlUHNCZ29rnUcdZC1yXEBwhIo5Mp8fWjGpQMPzN98uaN3jwwyE-RA958U8lFFyhDuEmc0YOCkarejwNXoY1-WvTy8R2ZWIHuDbSOKku_iz8iDtxn8p3MTgPntggSQttNNlwS7wmxkUYZoT8JcAh0fSwb3z9XIOkyVGDSqjT-kqpYaRcxDOegBcT1iEsGolFsmPIQZzAZhuu9hUrwn1rVB2PElwLxtKOGC4ch1_Imv4u8o3_HbetbDjD-EkUbUA9xeHYKSAJWgBp7RFJm2wxlcxdZz-V0-EXvHmE4ROLzskRruKpae1UGRAI5igmFWI5Uo3uuyTdBZ2sK9lPhHULraX6CohXpuvr6MDkotoodTxc6-vlvX0sVWnFLpwkFxWXbARExfVvWA7O0Qpov6NJ0_-h95teTuNf2VFRypNnuIn0UpuBNPNYYhikkZJFE_c-ZfY1MGwYme8_Tqt-nYiIhZvy8bvDayvyhBBoggDQuNwp_PECJvtahOiYjfWjxV3tm8ezjUy3Tz1Za8JYoMUF4bKZ6EffPGHIhiifT7S9-PxaPVsDKdwa91ccx-grDV5sLw2RXBQ5-sOeFeM0W3HWuJvkvc1k6Tf7ba-Fr3YgmMXToTm8IQXcxzaVCGfj5Hc74DKOym8t9VQIlr_HkOwmxVyu-bVnF0WbcP5_3qIBN_O8MfS6CRPqttl07gwU0uEhIm-PP-tgqWSTk4KHOdS607Mw6EdGS-L3vKACofJui9WxNJ5AOQvNYF9fIuA4nX3OkYupt_raPwsaHr-6XIoSGregDA8eEvNhGhCoWfLbgol7F9hPd7mTxsiWQN7SO_1z6uxCdUEcncI-Cysf4i-_LGq-WcEzdhoP0x5YEKKGQBncuMQi_r98r60OvDKxhMl9avNEdqFf-7vkAcwxGeDo5PnV0T3PRqJPhiV8qYa8qjaNO9IpVcn3ATZOOpvSKz37z43yxnwUay_QFLKdJ3qYewG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EBE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bca3BVbFrYtjnArD87_UPsPuQoAIAAAAAOAHgBAI&bg=!ODulO3_NAAZNIUvJbSE7ACkAdvg8WifpiFgQjXSMtJzsS1pYWclmR9INH28VcOESDCdjAg_-XrvQdwIAAAEyUgAAAAFoAQeZA271h7hXEsd94wy_GzM2phv-nEmRyWdj93WjPy3UHd0MXrTWoWGCb6R24zUafipnYHSy27PRQ2Rr8Uv2R9h_noU5nbzdjqk7bRAq73kEHx8BnveyspZHrAAkzHYTZfRB-sC1O83vyo401uCcpxMcdtY30i6mFzyLY5aZv3iFg60Fvz-J1KbQu60APP1fVQDPJLlxi3P5CFn4tfTACl2eDI83PxLGN78840YWIyPGVUW2NXzBX8UuHB2Rf1eNaaK-9MAuvB4F6T13wOM5Dx3LPZCFnXGq-f1SIGJSDLqbVwg53XeYB71gUB0rzy55X0XNxzgQwuqFciqnFndFALojIQrerwfzPJ0Y92lvDAKpP_L99Ga_IuU9VSINWNyocCrMC7ku1xWqY-CMSoSVifOlMGWin3PMNxdwgygpWx-qDHIvBXwg0oHc4HV84RS-gpS9jVQUreifYPNg5ipRltsmAUDOpz14OVdLkpn1tprMD98zcmIVSqSYUtGKPDl8CL9vZvYLgAfiQoNJULb-_z2Mf4MZ37nqjk7zC-LTpxdHpLL5ZXp7qY8Bc6zmJ6sAzLGCpgvQNJ7LW_JH4OIfBj7T7WvulKeo0zaQF6nmplY0E9K_Agdd_ET7IFa2nqQo76Vr_A1OlpOI_cWlTEhDQoI8HRmOZ_XB61UMqk6r8brkwcrutFfJN_EGL2D9BHAS22ESePSUaOvc4mmeD6S04Z9HKvLgtyZcOQX6uNn0_wr3ZRkxsPx4szyjM5N7CZxVWmRDIsTsM6vbUoHgE6Gf43_VQr41J9jNkGjhOZORiy1qvTmcdOjC_L2kogE_yEHmbjQNcptQnAPiYvJ6MsL80gHZybMy5-qDsQ1eJmKnusSVI82UPnDLboIs_io8laMRbghlYm6_KX2W6v7mW4ez2wLr2G-E2e_f-VJX_fq_fYHq3WXFYjanOvsv4Q8Y5jBaK72OIFYykiXx4eS7cxOo3I3a0peWvOW-Jv5mVCEtw9rfTwTOlrMIIIAnXkY39PvcygKhYCz4oUVxu8MuuJ_MNTvjVUtDrJ9F1p5UQWXkusCBm8fUooXq1avfMhInufhqyubYOY0H93xkJ5zn8JI5vNj6qdSR3gTjPCxJWE9o9jnQIbMB1B9u9V0XnTNXcYOkWZPkl22Ar49vAz2JwKgWrK0HGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaxNfVbFrYu_kBp2k9u8P6ZioqAEAAAAAOAHgBAI&bg=!ycqlyo7NAAZNIUvJbSE7ACkAdvg8WrAHIguGicmQcLqmzZepfT4kjkLoRm2m6xeDy096FpYzmAImHwIAAAElUgAAAAJoAQcKABJZYeQ_i93dAL9lj0iDJYRMLpGZA2ASgtonRivHmq4zwSv5COKsll24gJn9EAusi141u-1N0Lc9KRz91gHDoA6laTou7sSkF_9bMCIfilW26AxEFlPHuohqfRHwcBiYRtShysFpCm8mdwu7ek9ifJwfY5VTCo7c_62zaKJJBsGcgaY-NebubvpoMfmwF-98amQsLBMfiSTV9y6KP0Wv-cVQTwgaa0KAg4IQFNs2Dmrvj365BFDHRwWatGu5_XNK2Ats5dLY1j9iun0Ab0njbvleII2m_w59hsNNKWK7_f3RXeshOIqdpUZnBaEVh4EVi7N3Rs9nPnPS3B4steYmNB72EDP00DTTT3vjFjTEPVyATz_2PPuQrcQWBEnsin5LtJkWNyUt6tCp79asSsmhS8dvehupHzjIxin4NUij6xy4EQdj6sCTlMvR_C2CRohpdpA7e60BiCQnU8iT6KMQ-CoXP_E81kjS3g6Ndb9YhREMCfmzn3c8o8G2xUeUZhq3BEayXU0pi15PVVQ4BesbtZk8jXgMqLlN5As5tv1q6-MkJw7Wmp_wYEh7-kUZEillkEOmwffFMXF8Pz23asExIpGTkIVLlAlGBL9WcE47gYD43tPhUdmjwQSmlEFSA_7kuj7l_Gx-RNS1ucSNk7Zufp_S0aD_qaKRt6sYkSlX7rLZviJebRTYXp_QJPRHeEGLTvtkASgRNVOqTbnYXBDzYiIvioCg3U7gW2MmCumKjx86SQwr0aosu8nbRdeNzUiie58wsYDHSAl3SSx4rBzkf_iC6QtlJkSF4yzZnxzALJb7xnVl9YqUu6ElR21FqBOtsto-_shDZDE_cTqoklhcsDsN5ibY5VKia6BQ4SAdTiNBYl_S3acLtBWwjLO_KMMpqMtLXevldF5QfhmgtzSbOARsEkIVgiG1S2S-Y7V7IhLm-K4X6ogEcwx34xD4qEyKqMqX1c-K5q3oPBnLBxNlHi2dy1_rTLAF5uUbYlzaxcQL2fOu6kXkZBlQ2ev7H3u5w2IUJ_4ZM8qMbRSa74BbnpesF-dbU1qZOpBa-bwiVXymF5WsyfWy4AD_Tc-eAKnOs6yaf5kHTmiqEP6Rwd0EI8wM3vDMR5CVuCpDW7L2CY09ZPzmg7hWVnraHWJ9LGudUwByvDgNUoah8MdQNGr3lVlvM2IF8m4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 09:35:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13166259294120788605
s0.2mdn.net/simgad/ Frame 3CA2 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13166259294120788605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f98faf5241d3b5844943b3bf1ff5b4402ba6db4e90992f262d147877484f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 04:48:11 GMT
x-content-type-options
nosniff
age
17227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1225212
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 14:42:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 04:48:11 GMT
8527431134859360019
s0.2mdn.net/simgad/ Frame 3CA2 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8527431134859360019
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a5c4bed39317c01fec6a3020b58a2bad43f396ef3976e6f3383a21284f37c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=0ovBnmyrEN&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 02:34:03 GMT
x-content-type-options
nosniff
age
284475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23660
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 19:44:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 02:34:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042601&jk=164214603234511&bg=!vb6lvvrNAAZNIUvJbSE7ACkAdvg8WvHqbqQcH36iTmBRyIk15Hn4iBpOPj-6u4IpaaFcxSnUmvp-aAIAAAEsUgAAAAJoAQeZAt2adGXFptrDmKlxNLVaP6VUl356rQTZYt76l9sX4magmjaphighsX-Qj1gGCXO_I_kobJHQPxwOnmhFUm46DykIR2B-b9qi1m0oc7JefATuXf0RBN9cRxVU9LAbOYe7Xkl5u28pO6FBYOzEb7f8O1fS-SEsDaKG8muSdyUOZfwDinlXuTj2EKwANftDuEf0eaquxbLXPTyRZOgX7GokDCF9cT-UQWbvN-Px5WwqUXKhP7ApE1VXE4_bg0hq2CKepxT07n9jj1opSo8K51f_FoQDu1noYFHe5RU-q7jw2r_A2JvrLBQ1nIa5zV6Ad8AHy4H9lL_3bEqTW2VgoPrsFuFbs6fQEZRvig0lHrwgS8NQPrBaZY2c5obeu03V7B3MR6wLrjvypuMfRdiyZ_tzYUvfdE2vMBcraV-KOnCUV6nJWuQATGcyadmF_meRBuBBJRskpAaMGTSGAEd2A7a9LtcBJH0dFzWC21eKbtlaNuz4oY1c4CAMSYu6WStxYK3WaOM32j8umXbUUYoceU-AJQ_W0ImnBXxTZtgIQ9_wRgrCAg1Gcrnlw8h-KO-h3KPrPGbTzFiuiFCWOFgLJTOuHPND3_P7lpW37eSmRlrHuaD_2VwZM7h3nl6EK34Od2bLxuBileiubrcn7M-vpxhS6wqm_DczimiSB5atXj3Bi1qYFEGaPGpwScpYKEEaVnm3OTT6cK28_TvqqOfD7O7m_0NRo_CSFym7rcypYxL1m_YKjWKDRzodZgzPIzRjEVarnNUgtVK80CzPneE7Uu8K9tBYbqeZ5lh90vsC67Hg-_QvriWJ_QjWcam4gkbmCVIoFFNs0s1CNjBfMOLcSgGpjic0h3xkdBd_hKxEWM_Vn_EBCHZXU-Kr3XbNhw4PmQsIg0DWtH1VtXGJsPZ8WgoLIK1XTsSjQHqT7l-f0GokaLwUeJZV-ZYKqInNgQK7JUlSqjdKIsV4im_a5MR5zmrW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
log_event
www.youtube.com/youtubei/v1/ Frame 2564 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
X-YouTube-Client-Version
1.20220427.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtRalRkMmVyRXBxcyjM4q6TBg%3D%3D
X-YouTube-Ad-Signals
dt=1651224909368&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C299%2C168&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 29 Apr 2022 09:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 29 Apr 2022 09:35:18 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=164214603234511&correlator=880742230619301&eid=31067331&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&npa=1&iu_parts=281191609%3A5136785%2Ccityspark_oahu&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=34&adks=1413280974&didk=564184613&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=frstlk%3Dtrue&eri=1&cust_params=ip%3D0%26he%3D0%26fi_website%3D7470&sc=1&cookie=ID%3D4b5d03e2bdf1bf4a%3AT%3D1651224910%3AS%3DALNI_MZYEaD8w56ZL3j-ikd9dmd_30TLlw&abxe=1&dt=1651224919670&lmt=1651224919&dlt=1651224907792&idt=2072&biw=1600&bih=1200&adxs=1162&adys=3589&ucis=y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=298x-1&msz=300x-1&fws=4&ohw=298&ga_vid=1497013893.1651224909&ga_sid=1651224910&ga_hid=1006023325&ga_fc=true&btvi=18&topics=1&nvt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d7ef763c2716b12a650799738dd8a49cb11f8124a5b766fbcebfdcb36e186abf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8586
x-xss-protection
0
google-lineitem-id
5817962342
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368763301
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=1&f_privb=0&tid=ec7779c3-c4e1-41b0-8a4b-8233ef6b640b&pid=8fd0fbc1-1a77-44bc-aaec-1d3a26ad1992&dtm=1651224919829&qnm=_matherq&visible=1&tabid=7b00ed31-c284-4bec-9c9d-146474b56011&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vp=1600x1200&ds=1600x11601&tofa=1651224910&vid=1&lvidt=1651224910&duid=5798030f4b74c6ae&fp=1351496004&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY1MTIyNDkwNjc0MyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMi43bWIiLCJmc3RQYWludCI6IjE2NzgiLCJmZXRjaFMiOiI1MDYiLCJkb21haW5TIjoiNTA3IiwiZG9tYWluRSI6IjUwNyIsImNvbm5TIjoiNTA3IiwiY29ubkUiOiI4NzUiLCJzc2xTIjoiNjI5IiwicmVxdVMiOiI4NzUiLCJyZXNwUyI6IjEwNDUiLCJyZXNwRSI6IjEyMTciLCJkb21Mb2FkIjoiMTA0OSIsImRvbUludGVyIjoiMjA0MCIsImRvbUxvYWRTIjoiMjA0MCIsImRvbUxvYWRFIjoiMjA1NyIsImRvbUNtcGx0IjoiMTAwMDIiLCJsb2FkUyI6IjEwMDAyIiwibG9hZEUiOiIxMDAwOCJ9fQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.36.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-36-29.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:19 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
container.html
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 94E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 09:35:10 GMT
expires
Sat, 29 Apr 2023 09:35:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 94E5 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B.U0WCuUlt1nr83q6qL5pSMZGvC8CH3d
content-encoding
br
last-modified
Mon, 25 Apr 2022 14:53:16 GMT
server
AmazonS3
age
2381
etag
W/"dc1718ec2d81708de896776f554a424f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Fri, 29 Apr 2022 09:35:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pgXXJRYw3h76LLEscEXuO1h0l2uKZ5lRMmKPGU0LihfyW34ohzBn_Q==
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 94E5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Apr 2023 16:41:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94E5 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 09:35:20 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 94E5 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=793499
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:35:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B3hgHZ8x4teOVq3jVM9CWeDHwnmXv4NJdcYL4zJxZuMCLxzrU2%2FQ0VW9RAoum6B%2FLnzocievdjCuk9Lm7TjDy2744WjATIekP64VNTMFRuDvLNxKNGWmzgJmO95QFSuomEFOaIlRAZnPeJSN4ZIsEnbzw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70370c066bf5374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FupUUPgyWvRbpH0ASa8C
c765f933-0336-485a-b42f-3d7653564c27
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/ Frame 94E5 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/c765f933-0336-485a-b42f-3d7653564c27
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 94E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgZjBS3e6Ro2A2tIF-DYfXNe4cUcdmumbH4Z37-6RwNSnbVzPTbx6k1MT9EXxl48she--ze3fGvkk93PBkygwnSVYKo6BivFQR5EJfyVcrartTwwDpOm0IR6taYKzOPnZodDQ6bMTQk2Uqe9MW8C4pD02jr8tpjXKHVb7HBvQ8d6dmZ9ONFdo0nsBEcKjzK5Quo7_rSLrHVJ6LLpeE6sg_pZ4w_dAteDmPkBTNt7De0uXvu6MgBDRa83ulBspMggaZMn6epj5jIfFQe2V8OcOulD_xlDaqHFuqF81uqKjVsCXH7v3XHSCOSnxNnL_TMGUeuw&sig=Cg0ArKJSzOxKFtx5dZfAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cm
ws-na.assoc-amazon.com/widgets/ Frame 3FDF
Redirect Chain
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Requested by
Host: c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
URL: https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2aa1867a871ad01ddd5ae738635916fe9fa7830b61b6dedf692939adb248a9d1

Request headers

Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44853
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Apr 2022 09:35:21 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

Redirect headers

Connection
keep-alive
Content-Length
407
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 29 Apr 2022 09:35:20 GMT
Location
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Permissions-Policy
interest-cohort=()
Server
Server
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
B42VC0X9H66KKRHXYR9P
view
securepubads.g.doubleclick.net/pcs/ Frame 94E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthNcuUNrGV2OYU2pgzfEHlKjHYttk3Nu5_Uaf7FVI94_zp0vEqJlPlPwjkme4U54DzwKHOcmEObTYWVkxrHYLxXnhFLbg2VCqIq8SKNVxidg8uXME2QrGRcC5v2tTe8NmPjI629Lep0yANZwExAF2nQA6NVgc316k8hR1tOajpxZJBqTaxNgdTl0nbPE1A3Q2U2umoBOYr0cBy0ja0vERx1P7Rvh3ydLcqiVU3rYPfPr6Z4StbpcY66UVMscojCn0wTaqli7EpXhQ0CyZyStSq9ljUCPj2HHQSBuB5AXhg8X6rFneheQUOp7PocQIkIotItBxi&sig=Cg0ArKJSzD_6HZN1PaB6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Apr 2022 09:35:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Apr 2022 09:35:20 GMT
truncated
/ Frame 94E5 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f8bcad6d3235bf3a6e15ea1c1d0fdf332fcd3f23f03c9ad83778800de0e36aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
YjJkZWQ0NTgt-N2JhZWMzMzYt-w300.jpeg
images-na.ssl-images-amazon.com//images/G/01/kindle/journeys/YjJkZWQ0NTgt/ Frame 3FDF 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com//images/G/01/kindle/journeys/YjJkZWQ0NTgt/YjJkZWQ0NTgt-N2JhZWMzMzYt-w300.jpeg
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f200:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
59920183728a98c992f20c4276dd296deb3b9dadc2d054c7ef8db8fb6ba91946

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 06:14:31 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
age
13361
edge-cache-tag
x-cache-608,//images/G/01/kindle/journeys/YjJkZWQ0NTgt/YjJkZWQ0NTgt-N2JhZWMzMzYt-w300
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
75406
surrogate-key
x-cache-608 //images/G/01/kindle/journeys/YjJkZWQ0NTgt/YjJkZWQ0NTgt-N2JhZWMzMzYt-w300
last-modified
Thu, 27 Aug 2020 12:03:24 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
01b5b8a4-fe73-4a57-99bb-ede2fc1c8ade
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
Ncxu3fQEHePnqCLX_vTM1V7Hzo-DrJZBJh9vuBOJlgbV2am8MmF4Vw==
expires
Fri, 29 Apr 2022 06:14:07 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 3FDF 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1651224921606&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22US%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:21 GMT
x-amzn-RequestId
565b56e4-7512-4abe-ba9d-7aa4d4ae4d9b
Content-Length
43
Content-Type
image/gif
/
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 3FDF 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1651224921606&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22cityspark-20%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22https%3A%2F%2Fc3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 09:35:21 GMT
x-amzn-RequestId
ad7a5420-355f-45a5-a339-20b8a40b88f9
Content-Length
43
Content-Type
image/gif
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:21 GMT
content-length
0
vary
Origin
user_uploaded_gotham_400_normal.ttf
s0.2mdn.net/sadbundle/6194963934245524570/fonts/ Frame 6395 		97 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/fonts/user_uploaded_gotham_400_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6194963934245524570/36dc0937e24e96ff1342e7b9b1fb2203.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8049cffe5562f5d5de279ab34e40e0fc5a217283d06eafbcd79aee6d2659e9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50170
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:56 GMT
003b7770c5db60485969211ce5f8d149.jpg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/003b7770c5db60485969211ce5f8d149.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0724e2502860eabff470babca552cd1a5d23312a5a5aa86b6d4fa1bdde4ca969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:51 GMT
x-content-type-options
nosniff
age
178770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8719
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:51 GMT
cf76a04d71b2859fd381826111d09d83.jpg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/cf76a04d71b2859fd381826111d09d83.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59cf99792109810f5d663f201f31a03cff810ed2132ccf824c56b3758762cfea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:51 GMT
x-content-type-options
nosniff
age
178770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8651
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:51 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 6395 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:08:09 GMT
x-content-type-options
nosniff
age
232032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:08:09 GMT
42588b3349059b0c9428872171ea535b.jpg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/42588b3349059b0c9428872171ea535b.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
360ee5d6175612cd743a0b016031656d9e659981119b3c97bf442269ea52da2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:56 GMT
x-content-type-options
nosniff
age
178765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2296
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:56 GMT
8be13f500166d730cb5f3bd8fa164ae0.svg
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/8be13f500166d730cb5f3bd8fa164ae0.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
534c4da7e6a6341d4016489150e882e97699d7d779e19d32f5b068a782d7a5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1004
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:56 GMT
fbb8d6c8093209f6e5de3f5a877e0d73.png
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/fbb8d6c8093209f6e5de3f5a877e0d73.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c2b4bb5fd3899dc6027f6fe29521388cfb271d4730012690f5fd62a3564ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:56 GMT
x-content-type-options
nosniff
age
178765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1474
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:56 GMT
128691dc3abe0b3ecaadc51769e90f9d.png
s0.2mdn.net/sadbundle/6194963934245524570/media/ Frame 6395 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6194963934245524570/media/128691dc3abe0b3ecaadc51769e90f9d.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
207a3ecc59ae4858d13fca83b85f4613b9e578641f52d2f2adc819dfe6a04e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6194963934245524570/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 07:55:56 GMT
x-content-type-options
nosniff
age
178765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29705
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 13:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 07:55:56 GMT
all
csm.eu.criteo.net/ Frame 1429 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=eK-rkCCe63pgJS8m4IJag35X8gHL_pLtTYORLtOJaCXq3wNdcxEIU5Z46kK_UNG-ra8P8CU1w-DlkJkJemCJimeeESl4zddAEnSvTDD7obm00gJ0hEn65p-3ihJxwFfmSrOsojdLommBV_O4U_iRWcivtCClbpHsPjVKq7IV0Z_5BAeWofmYhHkneKRDYZAhpoGrsZ3YXnWReZFUTBI7M8bm3Xy9ogUO5mdZlJDTzQGi_oKpEHi66nNjaFOsCDtOaI_h0bIHdNqJur_K&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlcIu_1TAA_mIyfooX9SK6DL6w2Aww&u=%7CzTp3kVNQobBeWaVJs7DeNUC6NI0BQ0R5ZFeuKtp5Rnw%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOW3sHnHRTTMdmjbN-pVanZKpeyPCW9n_GeNVO1CFH1rDBmh2JqM1spQT5uTde_7LxAQAaYWgJ_M7GY-UvH_dN0RPnTjcmM_nYfNCNd9DHiP3pAUInCaNwOrfxUMfdox3EoF63tiEpMEGviXZdgBsMdQmi3CnoDrNaPdGCc_4v3xMLuEkFWGjZanjGi1ktqIcz7GrXIz92fLb3N5OxAthUp_l42DM2JeobfQbfVN8n7p14u7N4O-u4pw_1pJOtWYItcmEO44SMJC1rM7CKPLJ-ENOEBqq3ecFFDNwmS6eyJI8WBk-ay59AWOHyKbPQliAW_O3gZTee2NlKaMp9K8al92UCBpjBzLQnkPbH9F6RI5EunTymXXQjuHr4Cq_kXRqtLA_Ia2xoykXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHOQ_TrFrYtfMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBIoCT9A7iLQAnVE2ymR7RC9AZkWJiqe1-w_IwjDkVBXqQ4Jc7mlxda7Bpw7tL-gxy7euz-Eg92CoM5s9CGgXbtVOv6tOIZaxJ_w-1EuOXzEe6E6_z_gOgfQ9njl879Ev3sBdNma6OnCvwch7wUX18HAK-i6VCvciyvhuNHO3EO4Mn6rsY-XIRGcZdlviYzBXM_iKqpQM157yZO0DSsS5fwMuxNdGGFK0OKjs9edWciuGs7TfNqO90RKjeFIJdnPL7UA-KLDT7aYu2SIrgKh0tK7TFIARqjhVud4ZyjyNKUdkNtv67-4Lj4wd-aDEv2asaVi8Arx_SsK0pSAOtFINTB21xQIcWKXU8arW7fDgBAGABp2MxaHamNe5YaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Lc_rIBiAirvBeievzCHp7qCxMkg%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:22 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 4E94 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fRC3RiCe63pgJS8mzm0cqsyVMG350J6XqNz1lEJXg2CQmval4AZtkekCz_MmvEchMTA9aKT2_VZK2uvyqJyLRrgu5wmtlS5qLDJ6bCR51KV_lui8ma5jYqdjvB_kiCYPFtuUOuaZblaGnEHuUeovTZp9s-TSF_yqYMYvJjV_D1-OKtVdamQHtoR4MvpxxBBX6lIzcFfQdDVsXChl4ZVkij9C3TTWCJn9SFz6B7lgKmCw7u8fmPL9UyfRBR9j5Msu37KhyyHVsyg6WG6r&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmuxTgAIZlkIu_1TAA_mI_MSE1Y2qHVlR6n7qQ&u=%7CzTp3kVNQobBVwk0VfLvcchIHEohsHNpxjahtZc%2BRogE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SzYwmM1B4WHBE5Ha15sIY5qlN4XTelAMj2o2nGTMStCTmg0qp_8SV9QiS5djgtGtLsyEVcZVExTD_1Yn4wiaHIMN3UxMBMYoT5go6cJcKGtT3FCivgPJC4le7XxZZ2x-G7RH03YDMQ3lWg7KGaH4018oRnzocyqZdyIn6zK_DZXIsGUXhyDfqqacGezgGWGtTq_DWWRZhoa_AJyaWV0HBZ1er_Gcxg7HNcfqRG-iU_2_uzEcZxHgvO-AVsNVdztZOZ7BnCCqwhUlAsnfC8hCfapBjeEbL9qcVzsjdWjXsAXng_ONbm9tnqR7g0AVvpJatbK8Zvp9vC0mKPdG6GOR0bS0zJT3HPm9Cf_42mMy2rnK5iul_Pi8tNFUuGFnJepT-2fvtnlfaaq9-Ns3no_LSEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ-eqTrFrYtnMIdP67_UPo8y_gAXkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0zMjM4NTU1MjE4NTg4NDM5oAG91IjrA8gBCakCorsHpF_4tD7gAgCoAwGqBI4CT9Dltqrp90IhsSUqLyvjLNf_CM-ZFJlfQCoMamP-FE5JpBZBlVYY9nWguaSTCRyQDRCmsj-nUVEg_C0nzoncNdfk6r6z4bva-f5u-qg_7ijQf6Di6ca46ge5mu-z2dPUoDBNIe9PNj1vqRyKuXqvXaEizQdWPa4Mw7eOGrh7nL9s3qSgDOHcSUpMpOvdVczYPDfMolJDPYLZrD-FVzpNze0rjaFv9CewS4tJQqC6ds42VMT20DcgLMmbR_Fhqd5vuWN02WdanNR278_KQptuFSUhw49Z15Q6CE3vrjbo2YK5vLWnLW6INwVwaCd_aTbWdS6BFs0W_JjcfI7Hey6T-WmYdkHwXeKWFe8mJ3gV4AQBgAbQ9o35gpjxkq8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0xC-s4WRC2RkuidXgjAR7Akk0D_g%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Apr 2022 09:35:22 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| x00_0x1c25 function| x00_0x4104 function| x00_0x1f86 function| x00_0x7e8a object| _Scanner function| pbjsSetConfig function| getGTagAdSizes function| getGTagAdSizesWithLimit function| executeParallelAuctionAlongsidePrebid object| PublisherCommonId object| PWT object| pbjs object| googletag boolean| gptRan object| prebid_bidders number| PREBID_TIMEOUT object| bidSlots object| outOfPageSlots function| loadPrebidAndGPT object| apstag object| slot1 object| slot2 object| slot3 object| slot4 object| slot5 object| slot6 object| slot7 object| slot8 object| slot9 object| slot10 object| slot11 object| slot12 object| slot13 object| slot14 object| slot15 object| slot16 object| slot17 object| slot18 function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| GlobalAamNamespace function| aamsitecertifier object| _sf_async_config number| _sf_startpt object| jwDefaults object| webpackChunkjwplayer function| jwplayer function| createJWPlayer function| loadJSON function| shufflePlaylist function| updateJWPlayerThumbnail function| removeVideosOlderThan function| createModal function| openModal function| closeModal function| createJWPlayerVideoGallery function| populateGallery function| createJWPlayerAdbox function| createJWPlayerVideoGallery_homepage function| populateGallery_homepage function| createJWPlayerVideoGallery_dynamic function| populateGallery_dynamic object| Insticator object| _comscore function| fbq function| _fbq function| __handleUspapiMessage function| __uspapi object| str1 object| HSA_OBSERVE function| lozad object| _wpemojiSettings string| player1_element string| playlist1 object| player1 function| labnolThumbDBN function| labnolIframeDBN object| _cb_shared object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| labnolThumb_2 function| labnolIframe_2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| joinNewsletter function| isToSPPAccepted function| setToSPPCookie function| getTOSPPCookie function| createTOSPPCookie object| AdRefreshControl function| setHSACookie function| getHSACookie function| _ object| wp function| Popper object| bootstrap object| StyleFix object| PrefixFree object| _cbq object| apd_options object| atsScript number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized boolean| apstagLOADED function| InvalidInputHelper object| ggeac object| google_tag_data object| google_js_reporting_queue function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| _cbm object| cswidgetoverR object| pSUPERFLY_mab object| pSUPERFLY function| pbjsChunk object| twemoji object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE boolean| headerTagInjected number| insticator_tg boolean| abpStatus object| InsticatorXmess object| Snowplow function| recruitologyAutoComplete object| recaptcha object| closure_lm_683350 boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| ats object| _mather object| _matherq object| tid undefined| google_measure_js_timing object| outOfPageSlot11 object| outOfPageSlot12 object| outOfPageSlot7 object| outOfPageSlot8 object| outOfPageSlot9 object| outOfPageSlot10 object| outOfPageSlot1 object| outOfPageSlot2 object| outOfPageSlot3 object| outOfPageSlot4 object| outOfPageSlot5 object| outOfPageSlot6 object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| fiUtils object| $FIslowSelectors object| $waitOn object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| csWidget string| gaName object| gAservice function| csWGa function| instBidChunk object| __connect object| esc_cfg string| ahm_cs_gtm boolean| ahm_cs_loaded object| regeneratorRuntime function| confiantDfpWrap object| ampInaboxIframes object| ampInaboxPendingMessages object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| ahm_config function| ahmpbChunk object| ahmpb object| mnet number| x object| ahm_adParent object| ahm_friendDiv object| pubgroup_config object| GoogleGcLKhOms object| _clrm object| google_image_requests

74 Cookies

Domain/Path Name / Value
www.staradvertiser.com/ Name: _cb_ls
Value: 1
.youtube.com/ Name: YSC
Value: ytWRW3mKJJ0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QjTd2erEpqs
www.staradvertiser.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.staradvertiser.com/ Name: _cb
Value: XrAkXB0EUmPCpMBPW
www.staradvertiser.com/ Name: _chartbeat2
Value: .1651224909128.1651224909128.1.B1Je4NCr23srBJryUpt00evvZ5oz.1
www.staradvertiser.com/ Name: _cb_svref
Value: null
.staradvertiser.com/ Name: _ga
Value: GA1.2.1497013893.1651224909
.staradvertiser.com/ Name: _gid
Value: GA1.2.739477006.1651224909
.staradvertiser.com/ Name: _gat
Value: 1
.postrelease.com/ Name: opt_out
Value: 1
www.staradvertiser.com/ Name: _gada_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _gada_id.6fbe
Value: 82b20e16-d152-4e88-8670-ae59cd5cdf9e.1651224909.1.1651224909.1651224909.c56ec52a-8888-4cb1-bf6d-ef01d83892b0
.scorecardresearch.com/ Name: UID
Value: 162eb29e37e69f13f74080c1651224909
www.staradvertiser.com/ Name: privAu
Value: 0
www.staradvertiser.com/ Name: ntvSession
Value: {"id":4705386,"placementID":1102376,"lastInteraction":1651224909687,"sessionStart":1651224909687,"sessionEndDate":1651276800000,"experiment":""}
www.staradvertiser.com/ Name: plsVisitorGeo
Value: GB
www.staradvertiser.com/ Name: plsVisitorCity
Value: England
.staradvertiser.com/ Name: _ml_ses
Value: *
.staradvertiser.com/ Name: _fbp
Value: fb.1.1651224909848.1530828426
.facebook.com/ Name: fr
Value: 0hfri3THfftETuIHX..Bia7FN...1.0.Bia7FN.
.staradvertiser.com/ Name: InstiSession
Value: eyJpZCI6IjIyNzYxY2IxLTdlM2MtNGJmMi1iY2MwLWI3NDNkMTlhNTMyNSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
www.staradvertiser.com/ Name: _lr_geo_location
Value: GB
cdn.firstimpression.io/ Name: OAID
Value: GDPR
www.staradvertiser.com/ Name: emailhashes
Value: []
www.staradvertiser.com/ Name: heCooldown
Value: 1
www.staradvertiser.com/ Name: _sp_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _sp_id.6fbe
Value: 864c31cd-607c-4864-a4b6-ad500de4577a.1651224911.1.1651224911.1651224911.9e7aa9a2-8940-4bd6-b3fb-517a56071e80
www.staradvertiser.com/ Name: _ga
Value: GA1.1.1497013893.1651224909
www.staradvertiser.com/ Name: _gid
Value: GA1.1.739477006.1651224909
www.staradvertiser.com/ Name: _lr_retry_request
Value: true
www.staradvertiser.com/ Name: _lr_env_src_ats
Value: false
.unsplash.com/ Name: ugid
Value: a4f9f29b986a95be40a22cb5d8eef3935504083
.adsrvr.org/ Name: TDID
Value: fcafa022-0209-46f5-aa15-1841d01ad42f
.doubleclick.net/ Name: IDE
Value: AHWqTUkWLkglv2iQ8xuIBsgKK2XqSAxc5aPn5fX27kc9m79wC2k35s7H6J9UeoPPaEo
.staradvertiser.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.adnxs.com/ Name: icu
Value: ChgIw6tREAoYASABKAEwz-KukwY4AUABSAEQz-KukwYYAA..
.adnxs.com/ Name: uuid2
Value: 4613526500108696089
.staradvertiser.com/ Name: panoramaId_expiry
Value: 1651311311067
.rubiconproject.com/ Name: khaos
Value: L2K8OFPE-1R-2PR8
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp7lxlQJjJxClqbBgMWySGKoH1GQZR6kugsjeDKZpe5AInzNfLqHCLAp+DLfj4MxeV95czRGi5AxQdqCkcJ2brUifSQQ4ZUv80ZLwUt9PGpAg==
tradehouse.advertserve.com/ Name: AVPUID
Value: e0740bf1bc446e5c2a54ef70aaea227e
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1652400000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D992D1E8-2C76-4621-B2D3-1CA1FE7AB160
.casalemedia.com/ Name: CMID
Value: YmuxUs.OnojhGGWNUnpngwAA
.casalemedia.com/ Name: CMPS
Value: 708
.casalemedia.com/ Name: CMPRO
Value: 1823
.casalemedia.com/ Name: CMST
Value: YmuxU2JrsVMA
.pubmatic.com/ Name: PUBMDCID
Value: 3
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVSpmXk7!]tbPl1M>e)ZlrFUfJ+tGXxoeNSR49YtDo4<D!Q6:#DomaSFBFX^X^_qV(w33If)y3KL9D3I?+7'5NS=
.pubmatic.com/ Name: pi
Value: 160074:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.casalemedia.com/ Name: CMRUM3
Value: 2d626bb1532760CAESEONC_AvqVDQEDibuRT-AZ5M
.staradvertiser.com/ Name: _pubcid
Value: 75be7c88-5cc1-4e00-97fa-0118c90a611b
www.staradvertiser.com/ Name: cto_bidid
Value: 36Seq180WTVGVk01R00lMkIlMkZ4WXkyT2FMc3ZnN1YwVlRKOEJZYkN4UFE4UDJJZEdRTEs5Q1NEbEZuVElFSUw1R3JTZVJ3VCUyRjZuNnJrc1lpYmlKOUdBWFNLJTJCcnN3JTNEJTNE
www.staradvertiser.com/ Name: cto_bundle
Value: tLRuL18zcVUlMkJzblElMkIxMUclMkJua3BOWDZtd29EaTI1ZGhDUU82bzRJY3lWTUtFaHJoS3R3eEVvWjNORkdQeHFIR0FnVU5GRjJkaEJKY2NtZzMlMkJ0eElrRTRScVlLSnQ3QTV5bFRXJTJGbVFhQW1wdnMlMkY1cUtKNEhTSHdtQmc3aVZLUUJYRiUyRnQ1
.ctnsnet.com/ Name: cid_51dea262f95e468eb7c5c1949bd4e38f
Value: 1
.simpli.fi/ Name: suid
Value: 7FC55686B2FF4B83A59903DAAD9C4A27
.quantserve.com/ Name: d
Value: EDwBCQGCJoEA
.quantserve.com/ Name: mc
Value: 626bb154-5154c-931fd-b4673
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid
Value: d687cfe7-7134-46e5-99d8-9beae64d241f
.360yield.com/ Name: tuuid_lu
Value: 1651224916
.adform.net/ Name: uid
Value: 2310939970289016532
.staradvertiser.com/ Name: __gads
Value: ID=4b5d03e2bdf1bf4a:T=1651224910:S=ALNI_MZYEaD8w56ZL3j-ikd9dmd_30TLlw
.advertising.com/ Name: APID
Value: UPadf3666f-c79f-11ec-bd34-02087eb080fc
.spotxchange.com/ Name: audience
Value: adfa1e96-c79f-11ec-9086-1189f5600306
.analytics.yahoo.com/ Name: IDSYNC
Value: 1762~24ll
.yahoo.com/ Name: A3
Value: d=AQABBFWxa2ICEMJEOp-F4eA5ssNHGNliAJIFEgEBAQECbWJ1YgAAAAAA_eMAAA&S=AQAAArrLivqBjJD5PQUpwP1ZVpI
www.staradvertiser.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22fcafa022-0209-46f5-aa15-1841d01ad42f%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-29T09%3A35%3A18%22%7D
.go.sonobi.com/ Name: HAPLB5A
Value: s578|YmuxW
.tribalfusion.com/ Name: ANON_ID
Value: ainsIHt3er76AxvPAB90pZdiDBXOj4EECmIVceTsq4FT07ePkZb6nZauA6kp0te1IVq3gZcwVXkqEHhV7XJVrUBsQ6FN
.staradvertiser.com/ Name: _ml_id
Value: 5798030f4b74c6ae.1651224910.1.1651224920.1651224910

6 Console Messages

Source Level URL
Text
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1273
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_1306139728&pid=0&fr=400&frlm=1&random=1306139728&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssr9d6MNAYkZfdJjbej7l3oYuJiM4zh45YV89iFf1xjwCveKoCpohGJRa1acmL3038eeGWfqXcdAmsGuxRMK4-Nnxa6C0k9vqyMM4iqB893BCNEeDcT6amHGuUOInhAjOgxZR-Wy_IeqmF5DX8Lk324ZeZJ1A_uq3NZ-HBW72cSyqYd_DjrAuhDsKXlh9hKvQs47szlEK4vjtjFXPlo2b5ZnRepElEsBL6k8HyDhuLzwHLmcCoRNXjhqMb8FnhkrLBtmEnH97P3EmSuq5Ptxf67GHRgg29m02SHlS1GydLhX1FJHS__Dg11Z7QmJbYs9BbVoQ&sai=AMfl-YTXd_4IgRqfEaTHgmGuLQ_f7b3Fn2Uu8SZH_kTG730Om8Pkbwn5K8oU0XJyBsM9j5ZUljQxJECg0JLO27D5KGfvJX43QhAUQ0qdsfHR86tJw9IrDWq3D5TyLnprfU0&sig=Cg0ArKJSzO0DVTWdAKEtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13c2cc90d8957b82faeeb762966ae3d3.safeframe.googlesyndication.com
1608fa0352b8b16d6a0658acf32ff92f.safeframe.googlesyndication.com
a.tribalfusion.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
ad.doubleclick.net
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
americanhometownmedia.com
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
assets-jpcust.jwpsrv.com
ats.rlcdn.com
auth.instiengage.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
c3dceaec0c67cbad3c921e3d3884d357.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.cityspark.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.materialdesignicons.com
cdn.polyfill.io
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cms.instiengage.com
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
content.jwplatform.com
csm.eu.criteo.net
csp.azureedge.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
dclk-match.dotomi.com
df80k0z3fi8zg.cloudfront.net
dhukrzx4tb.execute-api.us-east-2.amazonaws.com
dining.staradvertiser.com
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
eua.instiengage.com
event.insticator.com
event.instiengage.com
fastlane.rubiconproject.com
firstimpression-d.openx.net
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
hawaiirenovation.staradvertiser.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
images-na.ssl-images-amazon.com
images.unsplash.com
jadserve.postrelease.com
jnn-pa.googleapis.com
js.matheranalytics.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
onetag-geo.s-onetag.com
origami.secure.ownlocal.com
p.cityspark.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.advertising.com
polyfill.io
pr-bh.ybp.yahoo.com
prd.jwpltx.com
product.instiengage.com
protected-by.clarium.io
rcm-na.amazon-adsystem.com
recruitology-static.s3.amazonaws.com
rsms.me
rtb.nl.eu.criteo.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sa-media.s3.amazonaws.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
snowplow.ownlocal.com
ssl.p.jwpcdn.com
staradvertiser-hi.newsmemory.com
staradvertiser.com
static.chartbeat.com
static.criteo.net
static.doubleclick.net
static.instiengage.com
stats.g.doubleclick.net
storage.googleapis.com
sync.search.spotxchange.com
sync.teads.tv
tag.1rx.io
tag.escalated.io
tpc.googlesyndication.com
tradehouse.advertserve.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-central1-kube-ownlocal.cloudfunctions.net
us-u.openx.net
use.fontawesome.com
use.typekit.net
widgets.outbrain.com
widgets.recruitology.com
ws-na.assoc-amazon.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.staradvertiser.com
www.youtube.com
yt3.ggpht.com
c.amazon-adsystem.com
static.criteo.net
widgets.recruitology.com
104.111.242.245
107.178.250.234
13.32.121.72
142.250.184.226
142.250.185.70
142.250.186.130
143.204.201.103
143.204.214.81
143.204.95.188
143.204.98.101
143.204.98.116
143.204.98.122
143.204.98.127
143.204.98.54
143.204.98.71
151.101.193.194
159.122.14.34
172.255.62.202
178.162.133.150
178.250.2.131
178.250.2.135
178.250.2.146
178.250.2.148
178.250.2.150
18.156.0.31
18.196.16.227
185.64.189.110
185.64.189.112
185.64.190.79
185.94.180.126
20.60.81.107
2001:4860:4802:36::36
213.19.147.42
216.58.212.130
23.206.210.112
23.32.59.34
23.35.236.201
23.35.236.247
23.35.237.64
23.35.237.86
2600:9000:206f:3400:9:78a:e540:93a1
2600:9000:206f:f200:1d:d7f6:39d0:c781
2600:9000:214f:7800:1c:386f:ec80:21
2600:9000:2156:3600:18:1fcd:34f:cdc1
2600:9000:2156:4200:14:c3e7:6780:93a1
2600:9000:2156:4e00:17:5bae:c7c0:93a1
2600:9000:2156:5200:10:3422:3f00:21
2600:9000:2156:6c00:1:a3fa:7cc0:93a1
2600:9000:2156:7600:1:a3fa:7cc0:93a1
2600:9000:2156:a800:13:a391:88c0:21
2602:803:c003:200::51
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3030::6815:251b
2606:4700:3037::6815:8fa
2606:4700:4400::6812:230b
2606:4700::6810:5914
2606:4700::6810:7daf
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:801::2016
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2010
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9a
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:26f0:1700:d::1737:6ea4
2a02:26f0:3500:7::17d8:4dc7
2a02:26f0:3500:7::17d8:4dd1
2a02:fa8:8806:13::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:1b::720
2a04:4e42:200::282
2a04:4e42:600::626
2a04:4e42::282
2a04:4e42::626
2a04:4e42::714
2a05:d018:d29:3602:79ce:4a08:37f6:a715
2a06:98c1:3121::7
3.123.114.98
3.20.170.211
3.213.231.202
3.33.220.150
34.120.133.55
34.120.58.62
34.196.36.29
34.68.132.100
34.96.77.232
34.98.64.218
35.184.218.133
35.186.193.173
35.244.159.8
35.244.184.131
37.157.5.142
37.252.172.36
46.105.202.126
52.160.40.218
52.203.237.243
52.204.11.137
52.206.107.56
52.213.127.205
52.216.147.3
52.28.203.152
52.3.110.18
52.46.132.238
52.49.221.146
52.57.149.120
52.88.84.193
52.94.230.46
52.94.233.131
54.221.248.213
54.36.109.46
54.78.253.158
66.155.71.150
72.251.249.14
89.187.169.3
99.83.181.31
000435bad3dc341068418388d59f80a704c6db6f271421e9aeb9c5689ce4f2c2
002eb87fc5a792a8f14c974b574aae22c22969d5b3eac081d97126b93491ca91
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76
018a6ba81f499f8c19ed8bf09b3f6fbe80ba35248a1fa3b1f92328d4533fb6bf
022bf254abddeb4a37288df2c544421e67ddfe96fcd4507b93dd481f009c6dfa
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b37a706f12d1dadb67d054d5c88dc6b266bcd97f818d6af28a64b908e0dd1a
034018b02029678b3ac3c1ed20ca7d1551fba13a6a1a38c8210ee5e21ef82f28
04c6c33b53a94538adfe6a03dd215ad983b9e61911dfa942e3d3930bf83f314b
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa
05109c2176e4f67c3febe45e2803616227300b0e6d6499547a10970d59e85365
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0724e2502860eabff470babca552cd1a5d23312a5a5aa86b6d4fa1bdde4ca969
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08d911adf333fe7a15691fd03207e76cb33a0a006075b0c33dd452ad46192b04
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0992a63e09bd6c7583e8aab385f6d943430b68526f2658837bd9d64167b03384
09c57c1fa6f8e1339edeb5e8a763182f3ea2c866903f5cf8fa51f11ea21c5ed5
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62
0b112f1a68c0e27c4d7b3de210c64f22346f89d75c942431f29dd67ac2a7ccbb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c8d797886442e55fa5170fcf3586ed6e57f226116f583e5a354266d838c60fc
0cd32786d1b0a966d8017aacb4c5bdfe03e9239d9acf3d8b063a9d941123efbc
0d4a8b3f073b714f473f11682687745c8bede6e0cccc2b027fe5693e7d213422
0d7833196894b879b5e83c479db940de5f0633ec37b73e6bc075773ecdd3d3d9
0dd9b4265c1eaff6f2f4a0f6a5e03d163f9a831328afb2ca882e08fd5ce74e24
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c
0e62bb7a2b5b9db9b16885dcaf148afac5db086925988f0224d4a8081d1da3a4
0f8bcad6d3235bf3a6e15ea1c1d0fdf332fcd3f23f03c9ad83778800de0e36aa
10506d1f1da8a74b2f5e38e95866f9c415e72a980d4d4ea75a3ccfaeeac50daf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13516ba585f7bc601f104eb718303eb7d44a76bbfcaf804707b74130c1c2b008
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
15e25cd0ae9b52d5a1d1df19dc9e3ad6e5bbce6814716976968c55054e035c6f
16e9e81f2507a6ddb3483718f974a6cb5545aff6758e7f4eadaf39fa3231d965
16f47170060181280b60c8366c80b5a4688dab4f5e72a8c19b6dcdb1ab46a4a7
172f0803f0a8cd8bd5146ddb0d2dab2c3a9b94a6724ab75ce550ce1a4cc51b57
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
192cea5d17040b5b355a4c9a2c904e6b723d893dcd4dea182d2ffb0530c171e1
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1b8b1b0a56d01ec7fbb4f0807eba4d8bb67fe56bb24d68388ce781396eaaefc0
1b9afa35ed543cc9634428b704769e417125e768c2f699389f514a3287c02104
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e76c10cb2c16a8f3fac800e6a3b21fac4f72758fe2d046c2cdbdaa80ea45d6a
1e884bfb7c5fd4ce3d17a9532d2484565d3fc8672304396113f428898a966e0f
1f0145778138cb497a62cabf12b7c85089df6bb1e86e14f866be1f3ad9225695
202429ccb6f57188e34c3984d9c0a594d0497eb4c7bb4674453680e5057d9cd8
204e705175a48f8019fb8dcfde96d2479047e3aaf7f55dd89f6bb01a56e80dde
207a3ecc59ae4858d13fca83b85f4613b9e578641f52d2f2adc819dfe6a04e9c
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370
22a46dd7af4f7c8a5df89fcbef80ec062753f812b71d31aeb4a0d0ad70b405ad
22d2dbc568d9b2b5842846a10a2f884a2612cc721ebff2864a8d710bb7151991
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880
24e983068ad09803fd40dd74557824b5a066d61ab84aa78ea95a573bf682f0d0
250bee9b1d22d7bc2c6edb93370866ad8834068990dee4de16a768ee40f37366
27887b6fdbd2e12fdcee92146545aa700ee894976e0c0744b6c81d73a6010403
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41
288306dc7cfad98e8115853dfd762e7a2c97e1493f067e44ff7bf9c4b98ea675
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
296f930cd2b76e267d23f736bacb316afa96ca56a6407ce919fb01c818cc1e07
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2aa1867a871ad01ddd5ae738635916fe9fa7830b61b6dedf692939adb248a9d1
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8
2be8a335f1c123656c3becf260436dc05941f744ab714686d70df5574a198ec9
2bf6486ab76fc6be7797b5810b256e35b847c75bc66d9b1abaf243aac3abe105
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c1cd74e1bae371d24605770bb65b81c31ffebf43e45ff01b535b23bea87f4da
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dc47a73f81502d1fa622236090b445485f3a153e20e3f358af11932c3bbcd62
2e2b9fc79630f4a0887f5bb50562844cef96bd421455a15f15bd40dacc967b75
2ff0a7e9a40ed693b1ffbd12e6705f64adf28953141f7a0e5c7166e6aa379391
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338be05f56a3a16bc3d0f3027460cbcccbe587b4d054a2c78fe080d3c8c13a58
33c002e144d2f01a2b5ed89a40dca710f0ac4d04fe7e3ca0ccfedf93e4adbb63
33edcc8df004f4ddd374961d453e0bd40a66f741500ffb2a6f0574a8a116cb76
34a5c4bed39317c01fec6a3020b58a2bad43f396ef3976e6f3383a21284f37c4
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d
360ee5d6175612cd743a0b016031656d9e659981119b3c97bf442269ea52da2a
3623590c6cb327d573341fcd7bd11893ac0ea6a62ceebccef73fac7ec7738f19
36380d5d2236d8da0d105b6de1bf9c6098fc832c12b62a2d88158560b17575bb
367e8ed7b3d5076def16d1863cc2b16a1ff3ce579e3e5644132ed5bada59db6e
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
3a20b0a28acbaafc252c351568cea2945799c82eda5e954787a5b39d7dbdd4aa
3b5763181df3509efbc1e0c2b6625586e64429c6761644390a256dd20aa11444
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a
3d886bf499b8ec0fb3aae648c618393a9103c9fcd5fda682a15a1e31f2ad1254
3d89c2129577439acb5aa4b0220bde998d6b1c8695668ed7d425a291573a36c6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e51ee69dd9c30198ed79a8b728c45a6a964c1e6f57fe515afc58e295b878390
3e7b4f2e637df623f887ab61f1bc2762b373f8f3f27948f48719339dfdaf7ad6
3f378a2f6996823e0e48f69a8abc5e472923de714e68f285a8ab70c66e7e17ab
419e764f9ea4545af6ff436304d2b73f965e7d5883cade5ee3519d0e8d64fc25
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
447aa5491d25b1f0f9f9650db2d64945862c26b6c4c159a6b2e700f22b0daced
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34
45d8b6d4d7493eedb686e9ddd77cb882e960d4fd91a9409ba6073ac21e1fb0e5
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
48c636969eafa7311984f376fa0866fc454bf268e6657f5ac76aa8dd2e6678d1
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5a95853d6f93f6e7462e50f716c214e94133e4766ec97ff2aeeddee6c48f99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec2946a760ad11af1762d0c7734e0cbe8dd55b227caa3fa1fed0583863580dd
4f221b892ae436d646292613b7f020842ef753099d5d07dbfb535936f4d8096d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f9d20bbbb11313d4609c06d5daa676809a24993966c02292d92c327576410ec
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9
504157d1de583660c4fe195ec972df624baff7d4c0a671b563df0b63e00f6866
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
534c4da7e6a6341d4016489150e882e97699d7d779e19d32f5b068a782d7a5c0
5481a6df70d9dbaf53b9b031ca30febb0ad0e1526a44b9b838ff9ebbf3352fd8
54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5
54e965f39e65ff1389722a89dd4dee4fb29d67467a9fe36128ec79d76058a044
554db807a6ac5cfda44cb03bf03e80f1177f53d03d8890b4a917cc2b0686d986
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfc89aa9c7aa97db2e2d727b124c66255a19070cc324c9526ff3ff75de8d26
5790c964015d7b569677083d7d72c6b94473b6f6d191ac09c0d8367c7f706867
580316dd690d32cf07c2f08370edab8f8d1d36165720a370ea9aafd5fb4ff1b2
58654e8df89a12f73e6381de0e6db832fab1e304047586cfea12aea98daa9286
58b094270c4dd41e2cc2b8352194e59e0bc07541c84446968499bc8cf7e400b8
58e647d2e10426c5821d1d4472bfeaec38bd711e7b472b09b5852565967d2ce9
593c4cdb966c73a543a9e7ff408a359db5de6103398124601e6b3e63f96c0d2d
59920183728a98c992f20c4276dd296deb3b9dadc2d054c7ef8db8fb6ba91946
59cf99792109810f5d663f201f31a03cff810ed2132ccf824c56b3758762cfea
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad5b628c419fe0b443f7c4d0f11f75ef466fe1c735e0750f55f4aea00fc7672
5ae36e513683654941c99ddc945bfb6749ed30d3332bdc7673edc099815ed389
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c01c7ea41386c8affcc3cc181df5ecfe9f2b06b81833af635b9aa25388ca633
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e030f694f0db805c9991886ad55ad45628b1e63c573d7a74215af6fc8a43c9a
5e56464c792e6d5d87d73ab24cf31ea116d993f84a191846183803462fb9c7f1
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f6f3a3019b30effcca11605b80a93e7c77b469b63cba1021e894e202df8d83a
5f9d65febebe313988dfbe57683d9e72e634e9a2a94c2dc1a978895e66b40a25
5fad2d359162cdf19ffb1e1aabd623710200312ac634f186ea58dc7fb393d615
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60c3a58af679c4bc4b4997ebd21bdd8c10673d4969e8776f44b0d9e93b0c283f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6238da885f072c856560cc65bda22f94818c95e1af3c87190a97a3dcd9b172e7
647498a8efc5cf57506021c903344f7e4b78c2570926238744518c38a21e1230
658605a82a854756212c91c1eab58a552e0dce672f602118adfa2483f89f35dd
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
69ec8726d2d34395ea2105c6fd253ac6884efb8b95578bf4ad3ed75aeb4767ea
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6b078a887633e489bea3993a5932c0b2d4d4041adcfb43a0d0465e1d38c456c2
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8
6ecc65c246f00dff9091e09d50b965909cba63d83acfeba649fc908150b36e96
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
707b6430691c0b90fa8a73e03a25fa1635473e6acc9d32d95b2dc134359f8ec4
72c47cf501e7ec69da0a142c9c696f0b9c9d8f90a4d3d86bb72f6226f2bd7386
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7704a8ff24dafe20df5aa870e7b4a31b7a2c24ab1437a390bd13cf07f4d3dcd6
778752f58d9fe2db0f680e2a03285576852619e61bd5105963446362413d65c7
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
78b8c5ebdcbe9b538d0326396c40f77c5e0f529318a4df6b8cdb6a578527c0a6
7993daa13b4ddc4aeab2693f5d63406ba74bcfcd526dc872406648395ff61ab6
79fef8990bbeae100c82eb30055721ac49b2baa695957bd4b5609cdb9fb46904
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a6d9ed7a90c64f9f4ad49b365f1d1dc74a96219d869cd9f8253b9a77c5a16ff
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7c537635933bdb109235be95c56082b22bbb4e17e2b618cbb4ad7d783a807de4
7cccd3476a69740ad7c4be6f357e9060b5fb466785dd465577e2a98027585022
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7f7a2eff204787d41e37ca51909b80cbab14e7de622a15dae5b0c568b84d6335
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6
8049cffe5562f5d5de279ab34e40e0fc5a217283d06eafbcd79aee6d2659e9a4
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
81551509564a472b80706cbbb8ad91d0eac7bc0ffa81eb920c6dfaec47838939
817552872eaf9a3af960ec23d94c84565c310e73648811cc6525c6bae0515d09
8201af9bbcf421c490ef9dece80620c235a5bb690b2e752f0ba88cde14e158eb
8225f32dcf67aff11c3e51d3d4c3b53a3ef0330b9ba446375cdd357dbfdbb003
82d512d9de66d372be99b9169ce37787faaf6253487f07527aef39ce9651f11e
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
84cf6138b6651f78fa922a2af3aaa49dea2278515197cc9de9d68457851fd77b
86ae6fd6baf0d2a79d19456e8b222842a469f766a64bd7b2dc9cfdf704163842
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
884a0619fc9ea8ee4ca2254a8704d2068d6ca530c931e8e75057334786ef74e9
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a41bd8ba79ffdfeee22f92c6bb530a736fcafe2eb8629331435a893f30bfe1b
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04
8a83fb7f2e36f29f1256aeb8b2f1cb116cfcef216c3b6db1b91d9d408d58c7b9
8a9c802ab8e5a4b047640d7274355d39aedc2d353f5762552fcf5a77a374b573
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8abb083a257283bbd88d9996d0dc557487a4866ea05591343e48885148f7ddfb
8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9
8d05e043b5c85e5938506c0f498705cce97b5e2d8652f53925b03f210786f6dc
8de5c161a42b795271aef4c46b0a9ac74a16aba86ad278f7c06fbf62f8a90515
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90b230f3d61a83636d45f6dc7e0f2315f76fbcfc597dc032f452c3cf7b523efc
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
932bfd5cc555827a06d1d0ebb3c2c86a398803bfe36ad37bb519431679ca9b79
93f98faf5241d3b5844943b3bf1ff5b4402ba6db4e90992f262d147877484f78
941284f1352ad65210e4a48333bc4ec6ce4dc3ed0de3417ad9c2ecfc0760b82c
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
94cd1b8e956cc8f7582b1ced8c30618422449295ca9d5d6524dcf97f10f74fc5
95670370248fcfd8c4bbc67469514063441b1b6ed3bea5f4a2a206b3ab8bcba7
95e4656633c756c6d7b3883eb9e7c2ffdaa4ff077c0fa27a30893aadb5535948
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a
97b1c6b79ed5a2fe7ae0ff6b31741885246be1b9c3153ca4a4e894952b1e490d
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0
9868daa89922df83ad98b8f727e0fea3b4589ec98b361c1ed25020f592f31739
9872c347a4672d8f795ae68d33e71cd09d2695992dc07977a8d3db3bb586d721
98c3c4d6c6d27a0744f2cdb46e68440adee89b70eb6be5a7f0235b5764ba053b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac30248f2a7d972d96606c7a20268df67aff52cf329ed4ec8ba6ff9ba2c2ab5
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9c7ce6670a68db054c11d55db68f98c431c425940cfcb87458815b228eda06ab
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e85dc0f7699e0a1ff54678b058435f14f7b041dfbc0001e44c1accca0b7efc1
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c
a2289d15e4b9364f534f7843fd9df373fcc3c9a41dbf5706e5603e4a096a6caf
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ee726740924a7519c8949fd581d218798979e48b062df5767668fd1051e5da
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a58aea6180e81604ab9a58508d196d1102e6ba7cde05036b2efb295f0a0cec3d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8d4ea27103273c66b7aa702e4c34c0f877972f0323ef2c63c73cf29e8512b84
a903daca1436101447edbe1c0afc6da52244ee41727a5b7a1c37074a7d847396
aa22f02b904df277a53b83bc1966728c9857fb417d4d8bba3e5efcd3b8a84006
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
aa6638fd6b14135367c46826b3dfea605fa7da5cca33ad8c2429456508826bc9
ac65c60307db2c323be645d2c72bdf669cda19ac634773a69f25b9bd1d812544
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f
ae560147811e1c76b5061cffd724cb6a148e633f4e23c601a98949f4b28dc770
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
afe919bed467e2c393a9be950f96f68cd989e9b138749084e5e7ec8dfd6d69a1
b057c880cbce263eaf21e52b47c99822e68243a00a4a8ab698826328d7caeb85
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e2f3e5e3d8abe5f9d6bcf0a53e8e38e5ca4aa03ca49a4d96ac70736d77501
b2b95ac77ee56db4bfd75427a57a4458a8a191b4292702f34e29a0cc2d5c0751
b3c2b4bb5fd3899dc6027f6fe29521388cfb271d4730012690f5fd62a3564ce0
b4a6816894039d78e1a00716627d69fb916d88b284e07594fbde4babc8e289de
b4b01553d1ae1d88e824bfecb2048b0bc81e333cbcf191c98498c9d82bb83a1e
b5aa93e2ff11c0eb628a748208ca8ffa2bd6f5ab57417a4bdde556b6249b97fb
b80b524658ffc9c51ac8c392e6904606f33f687765bae4f62d2ca8bd935ce344
b818c83cb699a992c6ed8b6946c577dd312fcadf5f5533a0e19c77c17932d04b
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b929b38b2405889a56c6ef995871ccd3caa91c06ec93231cf4f9800f9d8485bb
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
bba2c26504fb78a647b11f2899658f903be695b28af45512c2d0a8ee205d86be
bc111dcc5642aefd4f46aba66a155da8754233b1188d06e119e6bcff1a5d79ac
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be636d017ee1646b335cb4a9736126947e96ff6f9475a97dfb679bbb893c3951
be96ed494aea5719c48d3ff6f4b1035e8d409be5fc3cadf62f6f31291112773b
bea23a31da5384114deb6f497f82cbd2558a6d713e852ce56431d9516c42ca41
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
c0b29e6fe9b637641c352f93c201dcc4c5f2d61b1c450e0ee246b18f3c504aba
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c44d25f5a4c9d74e2983906ca05f02af6165fbc3da4ef41486b48454ac8e4169
c6a06df3cfb74c5f9607fb80a851fff26753ae79393aaa559b99c8a795494271
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9
c8208faba31cabb7ea3da9c8ba107f434e5c133a9bbc4071e7d040573fd4ad73
c84a710be43e6fc31c712a8e481ba1ceacaa2db050eaa5866b752d20163b1f56
c8f97f7bb6c6b29efc8b489b50e2cc611365d8ad152ee6ea7c13e8a013a27acd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb06d422519cd6190695a775b156cc4fa54bcd4455657717d4f3a2575bb4b732
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5
cbd54f1943122a56a8c176c044871e7e62b13b4e666c3adf6eb53950abcd62e1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
ce2b63243da727c9f82dba8f6baa73c0114c4665179ed0c777348c0906736b50
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8023810adc288c1dae107fc94548921a8039516477360bbc5093861f75290f
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
cfa7a03558006522a62cff68598a23b5df942a302f5d562ea8a1757465314e40
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d086ec3bfeee87bfd7a9b2db26eeb4cb02d8e4c2d7ee2ac61c743cf88917ae03
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0
d1b8c7fbb3b8804b4cfa4e5debed42582a3b193603a1dabd155fb814c7e93fbe
d240fae19e970dbdc7adca2b14dde7f8765f2242ce7d03fc22e139dca38dabb4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d3c8c63b8dc1ba55a49ce52f0a6b1942a9fe9ebb163651a4bdf130316f2bbbfd
d42cbc352a3906c4eee395b221e3ce3ac02a74add34fe2d49ffe73937e9e7da6
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d60bef1316dc12b91225f2862832123dfbd67ae192bda2d2dfd385130b42a07d
d631613979ffee11c042584426b0fc55027bea3c52c8a356ec6d0d0d0ce68861
d68dbe5cecf4c2852de8319488d82f9f8083584bc4f64fbf44464d3782b82fb6
d69d3dd781c3317bd5708cc89592950d6ecfec4581bf56f60d75870bfa9352cf
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7ef763c2716b12a650799738dd8a49cb11f8124a5b766fbcebfdcb36e186abf
d85e7a9efc0ca2e08b8c657bdf56d98ae41a63bf5d7bc786bfdf773ad1541850
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d95ea93159f388c7cd3432cc02ccd0a9b11b12427e42f31783f2ddfa4bc5d0f0
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da4caa8b2aea08a79f746dbe84f3d8929e762f6c4f4bd0b2cc326e6b7478c76f
dc8d71c5560be6512b92a2c9f017d746d49d1eed1072920db8af83f78e561bc2
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5
de1e0d9e8971a669bfc97e0927fe8aa73993247af029225547bd3dd3e9c9cec6
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df49b35ed9a124e990a699f6b0a2cc11060d5f7fd25c6f54babf2812f51d1c37
e0e83202a9ee204ef43f827c6577a14f183f0fb12e3b96ca6edb852d5c6d9a96
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74
e22d81df96f84590f13522e153316e6cd9a0d8a556e133be1e7f7bb87410a344
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42ac5786d36241b2bb8f9bcf603f775d1030b2f99442706222f6b57e83a654f
e4698b4a96bb1168e1aaa19bb26977135bfc517e2a03bc96ed7a198814238e9a
e4e330b75bce30e11721b1a4d4afc02a6ec19bd2b9c9e5cf8106ad097e402b8c
e57223601accd803ee944f5d48d2f5baafb59762a6c24074d0406211ed5369bb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d
e62878772d6703fe4145eb94c1741320c9495e6efa3596d2edbda7263826806c
e664f86ab7de4fcdce327a2bbbce893026fd7d253147b9734bdba2aa29951e30
e6871437a654959244132ccb5de60da3bfecff72cc8d876771fbc2b3e54e1664
e6898529a9fb3345836ed98cace5af4654256503bcd69fd0df13b8745ef44d45
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e77b5a4735cd6675a660c3906a5ff1f4e963f44809c31f0c6b6e992dfa0a5e37
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e88310fc5f8dbb607eabb2bcd46788ddf3539ff0b32f42676e143f8860cbf4ef
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9
eb16e701b9e60db17e7ec8870ccd716bcabdcc777c7c86da2b78be38a3c1f0d2
ed4d00f8b9dc2c9e1b0b1caf5dd533c71bfccc30e61bb1122639f684f71f603e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f47d2e856e15811898277d3a1f455ab9b15d50920b1f351ada165287518bce68
f6714bb27f26b0d8aebe31f5a856ccd59f3f07636f2f23a9c0ad28307090fce2
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529
f9fbeaf40d2ffc26488be92110e35c3714a07273c7bc4d79f54c22017254991a
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fb73da53fe9207b89ada560726660d130592cbd60f6297aec65d680a341cb9a4
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fba9a72356c099f08c586db5365803ee42e99cdd0156de5d74aea21b1f820bbe
fcb38585130ca0af25b2430265a71a1333f2d67aa910d9e567eaf6b625a10092
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fd5313c41144897d6218a4c351b580087909c85578a445e7028442a2206eb963
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d