star.setn.com Open in urlscan Pro
2600:9000:206f:fe00:1d:27df:6a00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Submission: On November 13 via manual (November 13th 2022, 9:59:08 am UTC) from IN — Scanned from DE

Summary HTTP 737 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 96 IPs in 12 countries across 51 domains to perform 737 HTTP transactions. The main IP is 2600:9000:206f:fe00:1d:27df:6a00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is star.setn.com. The Cisco Umbrella rank of the primary domain is 277077.
TLS certificate: Issued by Amazon on December 27th 2021. Valid for: a year.

This is the only time star.setn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2600:9000:206... 2600:9000:206f:fe00:1d:27df:6a00:93a1	16509 (AMAZON-02) (AMAZON-02)
22	108.159.80.114 108.159.80.114	16509 (AMAZON-02) (AMAZON-02)
4	2a06:98c1:3123:: 2a06:98c1:3123::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
16	18.64.103.20 18.64.103.20	16509 (AMAZON-02) (AMAZON-02)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
4	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:231... 2600:9000:2315:1200:c:e0d9:2a00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	18.64.119.96 18.64.119.96	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:3800:1a:7b30:2140:93a1	16509 (AMAZON-02) (AMAZON-02)
54	23.205.242.120 23.205.242.120	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	18.181.126.176 18.181.126.176	16509 (AMAZON-02) (AMAZON-02)
5	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	3.131.225.240 3.131.225.240	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
7	3.34.29.73 3.34.29.73	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2600:9000:225... 2600:9000:2251:7e00:6:df3a:c980:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
13	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3038::6815:eb5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	52.78.160.161 52.78.160.161	16509 (AMAZON-02) (AMAZON-02)
1 2	211.249.220.158 211.249.220.158	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	183.110.238.136 183.110.238.136	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	103.243.202.190 103.243.202.190	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
4	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6834	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	65.9.66.120 65.9.66.120	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
16	35.227.207.122 35.227.207.122	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
32	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
12	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
22	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
51	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2600:9000:225... 2600:9000:225a:b600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
53	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	54.64.101.191 54.64.101.191	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
15	34.251.154.165 34.251.154.165	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.162.52.82 54.162.52.82	14618 (AMAZON-AES) (AMAZON-AES)
6	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
7	43.200.153.114 43.200.153.114	16509 (AMAZON-02) (AMAZON-02)
3	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1	45.79.126.27 45.79.126.27	63949 (LINODE-AP...) (LINODE-AP Linode)
8	2a01:28:cb6:4... 2a01:28:cb6:4::12	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
5	188.65.124.90 188.65.124.90	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	107.178.241.176 107.178.241.176	15169 (GOOGLE) (GOOGLE)
4	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
6	2a00:1450:400... 2a00:1450:4001:25::7	15169 (GOOGLE) (GOOGLE)
14	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
13	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
6	188.65.124.58 188.65.124.58	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	188.65.124.91 188.65.124.91	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
4	188.65.126.245 188.65.126.245	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3	2a00:1450:402... 2a00:1450:4028:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a01:28:cb6:3::d 2a01:28:cb6:3::d	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::71	15169 (GOOGLE) (GOOGLE)
737	96

25 2600:9000:206f:fe00:1d:27df:6a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

star.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 108.159.80.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-159-80-114.bom78.r.cloudfront.net

www.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3123:: (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.64.103.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-20.txl50.r.cloudfront.net

attach.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2315:1200:c:e0d9:2a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

setana.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.64.119.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-119-96.txl50.r.cloudfront.net

ad.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3800:1a:7b30:2140:93a1 (United States)

ASN16509 (AMAZON-02, US)

oauth.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 23.205.242.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-242-120.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.181.126.176 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-126-176.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.131.225.240 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-225-240.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.34.29.73 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

ubas.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:7e00:6:df3a:c980:93a1 (United States)

ASN16509 (AMAZON-02, US)

recommend.setn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3038::6815:eb5a (United States)

ASN13335 (CLOUDFLARENET, US)

player.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.78.160.161 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-160-161.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.249.220.158 (Korea, Republic Of) 1 redirects

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

idsync.admixer.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:c::5c7b:6834 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-120.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.227.207.122 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 122.207.227.35.bc.googleusercontent.com

pixel.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225a:b600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.64.101.191 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.251.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.162.52.82 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-52-82.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 43.200.153.114 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com

sp-api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.126.27 (Mumbai, India)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 45-79-126-27.ip.linodeusercontent.com

api.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:28:cb6:4::12 (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)

rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com

geo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.241.176 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 176.241.178.107.bc.googleusercontent.com

onead.onevision.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:25::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5edndy.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

static1.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vendorlist.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.65.124.58 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed1.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.91 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com

speedtest.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

dmxleo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.65.126.245 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: proxy-010.dc3.dailymotion.com

proxy-010.dc3.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4028:801::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:28:cb6:3::d (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)

rr2---sn-n02xgoxufvg3-2gbs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::71 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

s.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
117	criteo.net static.criteo.net — Cisco Umbrella Rank: 623 pix.eu.criteo.net — Cisco Umbrella Rank: 7562 csm.eu.criteo.net — Cisco Umbrella Rank: 7724	539 KB
79	setn.com star.setn.com — Cisco Umbrella Rank: 277077 www.setn.com — Cisco Umbrella Rank: 174747 attach.setn.com — Cisco Umbrella Rank: 148778 setana.setn.com — Cisco Umbrella Rank: 361142 ad.setn.com — Cisco Umbrella Rank: 347913 oauth.setn.com — Cisco Umbrella Rank: 461028 ubas.setn.com — Cisco Umbrella Rank: 373730 recommend.setn.com — Cisco Umbrella Rank: 491981	789 KB
72	dable.io static.dable.io — Cisco Umbrella Rank: 23131 api.dable.io — Cisco Umbrella Rank: 21611 r-log.dable.io — Cisco Umbrella Rank: 24788 images.dable.io — Cisco Umbrella Rank: 26456 sp-api.dable.io — Cisco Umbrella Rank: 48549	1 MB
59	googlesyndication.com 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 ade.googlesyndication.com — Cisco Umbrella Rank: 275	511 KB
46	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 309 pubads.g.doubleclick.net — Cisco Umbrella Rank: 430 ad.doubleclick.net — Cisco Umbrella Rank: 173	342 KB
34	google.com apis.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1952 adservice.google.com — Cisco Umbrella Rank: 72	106 KB
29	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 304 jnn-pa.googleapis.com — Cisco Umbrella Rank: 261 imasdk.googleapis.com — Cisco Umbrella Rank: 413	2 MB
25	youtube.com www.youtube.com — Cisco Umbrella Rank: 94 s.youtube.com — Cisco Umbrella Rank: 761	915 KB
25	popin.cc api.popin.cc — Cisco Umbrella Rank: 26540 tw.popin.cc — Cisco Umbrella Rank: 72982 log.popin.cc — Cisco Umbrella Rank: 27591 r.popin.cc — Cisco Umbrella Rank: 29194 inrecsys.popin.cc — Cisco Umbrella Rank: 32699	134 KB
21	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11662 ads.eu.criteo.com — Cisco Umbrella Rank: 7609 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9333	347 KB
21	gliacloud.com player.gliacloud.com — Cisco Umbrella Rank: 58806 pixel.gliacloud.com — Cisco Umbrella Rank: 58113	140 KB
17	adform.net track.adform.net — Cisco Umbrella Rank: 3500 s1.adform.net — Cisco Umbrella Rank: 7708	244 KB
15	googlevideo.com rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com rr2---sn-4g5edndy.googlevideo.com — Cisco Umbrella Rank: 69812 rr2---sn-n02xgoxufvg3-2gbs.googlevideo.com — Cisco Umbrella Rank: 937177	3 MB
15	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 8063	58 KB
15	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	667 KB
14	dmcdn.net static1.dmcdn.net — Cisco Umbrella Rank: 6147 vendorlist.dmcdn.net — Cisco Umbrella Rank: 10111	530 KB
12	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 58075 sync.logly.co.jp — Cisco Umbrella Rank: 67362	6 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	235 KB
11	dailymotion.com geo.dailymotion.com — Cisco Umbrella Rank: 5771 www.dailymotion.com — Cisco Umbrella Rank: 6369 speedtest.dailymotion.com — Cisco Umbrella Rank: 7635 dmxleo.dailymotion.com — Cisco Umbrella Rank: 6208 proxy-010.dc3.dailymotion.com — Cisco Umbrella Rank: 227576	168 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	40 KB
6	dm-event.net pebed.dm-event.net — Cisco Umbrella Rank: 7317	1 KB
6	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1489	4 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	288 KB
5	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 29818 audiencedata.im-apps.net — Cisco Umbrella Rank: 38262	7 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	239 B
4	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4186	2 KB
4	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 37050 hal900021.redintelligence.net — Cisco Umbrella Rank: 269771	7 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 3284 pixel.mathtag.com — Cisco Umbrella Rank: 842	3 KB
4	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 97898	66 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	239 KB
4	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	5 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	104 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	79 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 725 syndication.twitter.com — Cisco Umbrella Rank: 990	133 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	8 KB
2	onevision.com.tw onead.onevision.com.tw — Cisco Umbrella Rank: 118787	952 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	177 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	7 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 557	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5922	565 B
2	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	97 B
2	cloudfront.net d31qbv1cthcecs.cloudfront.net	4 KB
2	instagram.com 1 redirects www.instagram.com — Cisco Umbrella Rank: 1210	5 KB
1	unibots.in api.unibots.in — Cisco Umbrella Rank: 40149	288 B
1	toast.com cm-exchange.toast.com — Cisco Umbrella Rank: 8477	609 B
1	admixer.co.kr idsync.admixer.co.kr — Cisco Umbrella Rank: 16988	884 B
1	kakao.com act.ds.kakao.com — Cisco Umbrella Rank: 17545	492 B
1	daum.net 1 redirects analytics.ad.daum.net — Cisco Umbrella Rank: 16692	568 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 867	12 KB
0	sanlih.com.tw Failed star.sanlih.com.tw Failed
0	alexametrics.com Failed certify.alexametrics.com Failed
737	51

	Domain	Requested by
53	pix.eu.criteo.net	ads.eu.criteo.com
51	static.criteo.net	ads.eu.criteo.com
36	images.dable.io	api.dable.io static.dable.io ajax.googleapis.com
32	tpc.googlesyndication.com	3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
25	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net star.setn.com
25	star.setn.com	star.setn.com ajax.googleapis.com
24	www.youtube.com	star.setn.com www.youtube.com
22	www.setn.com	star.setn.com ajax.googleapis.com
18	static.dable.io	star.setn.com api.dable.io ajax.googleapis.com
16	pixel.gliacloud.com	star.setn.com
16	attach.setn.com	star.setn.com
15	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
15	www.googletagservices.com	star.setn.com securepubads.g.doubleclick.net 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
14	pagead2.googlesyndication.com	www.googletagservices.com star.setn.com tpc.googlesyndication.com
13	s1.adform.net	track.adform.net s1.adform.net star.setn.com
13	static1.dmcdn.net	geo.dailymotion.com star.setn.com static1.dmcdn.net
13	csm.eu.criteo.net	ads.eu.criteo.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net star.setn.com
12	imasdk.googleapis.com	player.gliacloud.com imasdk.googleapis.com geo.dailymotion.com static1.dmcdn.net star.setn.com
12	log.popin.cc	star.setn.com
12	www.google.com	star.setn.com 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.youtube.com
9	3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	ad.setn.com	star.setn.com ajax.googleapis.com
8	rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com	www.youtube.com
8	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
8	googleads.g.doubleclick.net	www.youtube.com pagead2.googlesyndication.com star.setn.com
7	pubads.g.doubleclick.net	imasdk.googleapis.com star.setn.com
7	sp-api.dable.io	star.setn.com
7	cat.nl.eu.criteo.com	ads.eu.criteo.com
7	ads.eu.criteo.com	3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
7	rtb.nl.eu.criteo.com	star.setn.com
7	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
7	api.dable.io	static.dable.io
7	ajax.googleapis.com	star.setn.com api.dable.io hal900021.redintelligence.net
6	pebed.dm-event.net	geo.dailymotion.com static1.dmcdn.net
6	rr2---sn-4g5edndy.googlevideo.com	www.youtube.com
6	r.popin.cc	star.setn.com
6	secure-gl.imrworldwide.com	ads.eu.criteo.com
6	connect.facebook.net	star.setn.com connect.facebook.net
6	fonts.googleapis.com	star.setn.com player.gliacloud.com api.dable.io
5	player.gliacloud.com	star.setn.com player.gliacloud.com
5	www.facebook.com	star.setn.com connect.facebook.net
5	api.popin.cc	star.setn.com api.popin.cc
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	www.google-analytics.com	star.setn.com www.google-analytics.com
4	ade.googlesyndication.com	star.setn.com
4	proxy-010.dc3.dailymotion.com	static1.dmcdn.net
4	track.adform.net	hal900021.redintelligence.net s1.adform.net
4	in.treasuredata.com	api.popin.cc
4	www.gstatic.com	www.youtube.com www.gstatic.com static1.dmcdn.net
4	jnn-pa.googleapis.com	www.youtube.com
4	l.logly.co.jp	nt.compass-fit.jp
4	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
4	r-log.dable.io	static.dable.io star.setn.com
4	nt.compass-fit.jp	star.setn.com
4	www.googletagmanager.com	star.setn.com www.googletagmanager.com player.gliacloud.com
4	setana.setn.com	star.setn.com setana.setn.com
4	sb.scorecardresearch.com	star.setn.com
4	cdnjs.cloudflare.com	star.setn.com cdnjs.cloudflare.com ads.eu.criteo.com
3	csi.gstatic.com	imasdk.googleapis.com
3	s0.2mdn.net	imasdk.googleapis.com s1.adform.net
3	geo.dailymotion.com	player.gliacloud.com geo.dailymotion.com
3	hal900021.redintelligence.net	hal9000.redintelligence.net hal900021.redintelligence.net
3	tags.mathtag.com	3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com tags.mathtag.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	cdn.jsdelivr.net	star.setn.com player.gliacloud.com
2	www.dailymotion.com	geo.dailymotion.com static1.dmcdn.net
2	onead.onevision.com.tw	player.gliacloud.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	sync.search.spotxchange.com	1 redirects star.setn.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google.de	star.setn.com
2	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	star.setn.com
2	d31qbv1cthcecs.cloudfront.net	star.setn.com
2	www.instagram.com	1 redirects star.setn.com
2	platform.twitter.com	star.setn.com platform.twitter.com
2	apis.google.com	star.setn.com
1	s.youtube.com	star.setn.com
1	ad.doubleclick.net	star.setn.com
1	rr2---sn-n02xgoxufvg3-2gbs.googlevideo.com	star.setn.com
1	dmxleo.dailymotion.com	static1.dmcdn.net
1	speedtest.dailymotion.com	static1.dmcdn.net
1	vendorlist.dmcdn.net	static1.dmcdn.net
1	api.unibots.in	cdn.jsdelivr.net
1	inrecsys.popin.cc	star.setn.com
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	star.setn.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	static.doubleclick.net	www.youtube.com
1	tw.popin.cc	api.popin.cc
1	cm-exchange.toast.com	star.setn.com
1	idsync.admixer.co.kr	star.setn.com
1	cm.g.doubleclick.net	star.setn.com
1	act.ds.kakao.com	star.setn.com
1	analytics.ad.daum.net	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	recommend.setn.com	ajax.googleapis.com
1	ubas.setn.com	ajax.googleapis.com
1	use.fontawesome.com	star.setn.com
1	oauth.setn.com	star.setn.com
0	star.sanlih.com.tw Failed	star.setn.com
0	certify.alexametrics.com Failed	star.setn.com
737	103

This site contains links to these domains. Also see Links.

Domain
www.setn.com
acts.setn.com
www.vidol.tv
www.facebook.com
line.naver.jp
twitter.com
ad.setn.com
trace.popin.cc
bit.ly
flipboard.com
a.popin.cc
traffic.popin.cc
www.settv.com.tw
tv.setn.com
blog.iset.com.tw
www.104.com.tw
vidol.tv

Subject Issuer	Validity	Valid
*.setn.com Amazon	`2021-12-27` - `2023-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
static.dable.io R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2022-04-04` - `2023-05-06`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2022-09-23` - `2023-10-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2022-09-12` - `2023-10-11`	a year	crt.sh
*.dable.io Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
sni967fgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-07` - `2023-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
gliacloud.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.admixer.co.kr GeoTrust RSA CA 2018	`2022-04-29` - `2023-05-01`	a year	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-30` - `2023-07-31`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-10` - `2023-06-11`	a year	crt.sh
*.logly.co.jp Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
pixel.gliacloud.com GTS CA 1D4	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2022-10-17` - `2023-01-15`	3 months	crt.sh
redintelligence.net R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
update.mediamathtag.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.treasuredata.com Amazon	`2022-08-18` - `2023-09-16`	a year	crt.sh
api.unibots.in R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2022-11-01` - `2023-01-10`	2 months	crt.sh
www.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2022-10-12` - `2023-01-10`	3 months	crt.sh
onead.onevision.com.tw R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-01` - `2023-01-10`	2 months	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2022-09-11` - `2022-12-10`	3 months	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2022-10-16` - `2023-01-14`	3 months	crt.sh
speedtest.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2022-10-11` - `2023-01-09`	3 months	crt.sh
dmxleo.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.dc3.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2022-10-12` - `2023-01-10`	3 months	crt.sh

This page contains 54 frames:

Primary Page: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Frame ID: C8AA9CCB2524DBFE5A515144DB6F47DD
Requests: 198 HTTP requests in this frame

Frame: https://ad.setn.com/Ads/ShowAds/SETN/setn_m_top_300x250
Frame ID: 90F86A14D603F3EAFBCA8ECA037C56A7
Requests: 1 HTTP requests in this frame

Frame: https://oauth.setn.com/auth/realms/SETGroup/loginstatus/login-check-iframe.html
Frame ID: 26B5203833D63AE44A571B855551376C
Requests: 1 HTTP requests in this frame

Frame: https://ad.setn.com/Ads/ShowAds/SETN/setn_footer?PageGroupID=8
Frame ID: EFC7DCFC268F71417BC03E0D3D824FD6
Requests: 1 HTTP requests in this frame

Frame: https://star.setn.com/vod/live/22078?pagegroupid=8
Frame ID: 7BCE5A9D41F56E39555E425642541219
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fstar.setn.com
Frame ID: F92C4385BDAA86CAE295C64C5D080B47
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=579792962597423&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22cd4c43f11a5%26domain%3Dstar.setn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstar.setn.com%252Ff939a04450232c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=small&width=
Frame ID: 1737F1DE415AAC8AD59B1D416B2B6CD0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/comments.php?app_id=579792962597423&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7aace04de8268%26domain%3Dstar.setn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstar.setn.com%252Ff939a04450232c%26relation%3Dparent.parent&container_width=888&height=100&href=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&locale=zh_TW&numposts=10&order_by=reverse_time&sdk=joey&version=v5.0&width=
Frame ID: 7DBFBECDCB2229A3180285AA7341AE6C
Requests: 1 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C41FFB0F6D181DE6115B5F43BFE35CE9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
Frame ID: C6628E4E8DDD0F371336A2314239B26C
Requests: 52 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssl2fyGshORG5uR_rHK_Nt3WpYVfo1uXkAW98i_wSSEbkRizTpIxE1fbx_kixxC4fSlfEB58xDtfxpT3hGN4SZ8qrB3yKe8IMbEcfYiUgPfA5jk74v2vNMqs2etxWoAGamueJFaJNvNK78FRTJUCt8wItJv97mRYgWgIn3k7diA8OXkDRZiSgDreMPEajUizfxjh-iK9Q5kuI0TimaWR5a_TWZdwbxxLQqc17nAEPUTbUH0W-Wg-rjaGDCBDz1xmvTzS-E_R3R982-vJ5q0xL4s8tzVkDgAgCXUjgJ-Z00M3-nXr-JUc9k_onbnWxsgVbVO7iJrrg_E9-lgJaab199Caw&sai=AMfl-YQCRNHfuTwlAp9ZHbBRIRPYMzWvVJJBrUmFNXNS28Drvp3A7KPKug7zwAgGu_4N6vNFvgSfp4bNRVzDvHsG_re7M1G6QjihE2kyo29HRc9HCFI02Pn3SmW2FSt7HDWS9Vr6&sig=Cg0ArKJSzIuakA8nFOPEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 58EF69786A01CA65C55B307ED5708BD5
Requests: 7 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 74788FA0BDB40A8D14C04EB3FE7EC7D3
Requests: 20 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 9221A3729D8A9049434FC0C4D4E42C56
Requests: 24 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: E67F7385FD9FC4A42AA3DDA5415929E3
Requests: 6 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: AABDF7072266424E0D58B39A21742844
Requests: 22 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7F4AA24CC10C29E19E7097D488A78E3
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wALEv0Iu_J8AANdnC_82bYNuC9WZaJ4pg&u=%7CTn3fSisJDwBq%2BHsw0rHrtayKFCEZOa0KYHK3C6wLqho%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSH_psvOX1t_f03DoE_bII4RmQ34I_0U2qcD7SqMsJJOPu28-gJP_rTr_yrrnvQNykW56uXR1xiH3XdyalWqjhNBtFDxomuSuKCHQmrM5H-pV-ZpK8igfoXGnaRlKROo3ijJTBf2aus-I8slyOclvkp0-FRPm31_7TtnIqjZ3OrMipUWl4jwW9FIGm09AX_WUjSJY1vXO2ceCidQ20DAW6wgHtvPMWNC-dQrxnUMgm3SefD63xOLCVMM2EMRFbJ9n6sr1DH0tppwIlrsaRtl2asNnhz5d9JJg1TKk0rJPJxY8b4Tu_xnPLDCFAqwMbsfpmy_5CNUwvfAltcvcN-imkCx2sjeUY1utGplJwYpxyt4NCkOE8AaIL5mmWeFA23B80THSG8eFtDq2LE9U_9S_oqcClxNQEaqHjwzcYcupGkcak4QKHobLRCOiQvchcy82CXadPSPamvciMFghZIKr-Jx7rLk_EWpXQB0Xvo6s4fkOeh7Tfy1U3ARXvexcGEJ2rNEWut6tEHLhl8Rb1JA3uxUSUQe__OxBeN8OyD0W-nj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPcL4379wY_2lLPzk7_UPnLuNmAnJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSQAk_Q3Y_SpYNTCo_tEFMbPc5Ye3D7qFn8LW-0T_gUeZDDnL_LT8-ULTPjySouv7aXYeMOzg56LP87VhXIjoCG8CIzR9PQuk10trd8PT1TuQyW_uQkR6u00zxF4vgEQW7D_ewrLJaRi63zKN9Ku_I6zPE23IFhWRWysNeqVYI2gN2d-uIgyEzuQArxTOoIkkK7HDDwU5ffBZtQPnPe_MN4FQIdBDVabGVBqPr9h-KpydPCzVyyKlOgzni3GY7iOh-8b_icQt_vC5hL59_vI4UUmhOSwFhkBnNOry8N6B4PgMelO873Arl_9A5zOGvkOHq8RhaFaeYM3lAhp8s3TijmXmdfwNA5hRCga9ODPPNf9N2L4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XC-QyS8X6sdejPiX2tFI-DsmHdg%26client%3Dca-pub-2523569589989545%26adurl%3D
Frame ID: A64BCA20A8E3554249CA40F8A5255A84
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0yfzIpEGtXcjpThP37m4g9MMQeEHhr_nST_N1QOk-1f5kCOYw4aA-vxvAKwqsAdirP-S35OVgMeRkUKMchoqrD3VvD1cEOcmntCpZyKSQNOgxiyFjfYZ8I3j7aTWrHW6QcbhL1VzmR3QZm81wJFOFrUJey9KnY8X4We9x9L4FFaIDEKQQMYDFKl993uU55eCwrYnLnMwbN4bAO6u2DpIAkOPJKiV71A5A5_-88AvbVqG8YCiMJNn6CFL0Knaa8T2D62VQUleFfqfHEzzwpv_pnqBBEc5hi0cQ7a1cP-RorFiiHGBmvOfg2TRwb9EP_ADhM9KqNcKTROE&sai=AMfl-YRBgl_m4U5Tth1Ac-v0-91fKOeck5o28BlFDEu28pyeMi9s1fdoKBoJLXtQJPCG4OOG6MWJXHwpujMA6XFmJyJKZIt7X1As6f3VwX5_dHYx6wAWNdyLZqvgcgpjv23ZIlPN&sig=Cg0ArKJSzCAuvQqJut_REAE&uach_m=[UACH]&adurl=
Frame ID: 38BEFAB09001D5F1E477DEC93E130BE8
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5WJBGOrfV5A_pl9i9NK7zycaLvfOPJR8IWfLRCIzcv0N1BNO-TsOKKkOUzSeg5FcW5Lq42YQfxvGic5JDmxSHGCV9IeOxvT72mSkR18xIV2LgHw69flRt-sxGVpencClIKmGO21dFgc2OFkjtaf6Bcbn7NQOO8fx3bml_UUvZeEAGkxoOKEfBwhyAHC1UtHGLK4SQwi-tDRndN-TSyLuleXf_SerWzqs0sDfg6LACFDzOSEeaVMSRGaDL60zIJi6g9G0o5JjuR6qbrsTxcv7Ia3AffPwPtfGLanyGLAZ-7mf5gZ2HUVkREglZG2BIwr8d6DUtCgsfbGw&sai=AMfl-YSj7He0BOO2ZFKZ3vMyRAa1tgaKtEWWk_-KwjU968ayZSY_pKK3TZeS5TBwAFHU59kQpEQRHleXLwxRHN8v4jT3pMjzAKCzO5MfM3Kuxar6R_6Crimet9XyHtXWFjz8QKAJ&sig=Cg0ArKJSzOIPuuAKsXmdEAE&uach_m=[UACH]&adurl=
Frame ID: 281825887D0DB30DD88573E22A0957F1
Requests: 7 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8094E188CB0322E8A015AAA7A8ABB658
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlMrBRNLLyPBoIfDSumH5C3IGbgGBjIWqZIzStROM_0wROJ1EujoRVot8LPvELVGEqjcmKwk5MEUC5giXxDWP25BxKDCmljGu4Ehil8Y38221ju34fZhwvSsIOPlLq82xmHs64f_panh4JrmiLCI7UT9NzXHErY8QBj4JbLBcP7Cti9hzshKJtBogktnsp81GOl9IMba1qDi9LTMMPjp_emdBc6epkMQg3f4Ond1Ja2I0918-x04R7zzdQkCAqCPCYEuZIqji3c5LfO2HgkvpIrPynAAEyBmV9re9QH2sn4F_OMo2JGn-6ilZYPTcLtal9R_xK7wsJkfz5Fxqiww&sai=AMfl-YSF-eq3_S8DOQR3o5S4LSZcBrifiYP5KomlL-3jjlKEuvSPb91qHhBAzK-52b6crTnXu8fgQeyS7A6QnnS106mmB8EyLicm0kt9ukIPFev9gfamhl_n8Hh1GTfFCUr3_Cec&sig=Cg0ArKJSzFpK01bTGmqKEAE&uach_m=[UACH]&adurl=
Frame ID: 375F1EAA7E3AC197FE3F07E93C7BB3D5
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wANi7kIu8dfAAL4tp4nJcDNc3UtvF9BcQ&u=%7CTn3fSisJDwCgMobSJEhC1YiURZlscio06rWewsgSAa8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXE5ihGz2e14vxT7vyE9DxfvV041Kl1BgSlZlIuarGosYIYW21-6acrA3X3NgCl_seaNEDiB_bNdg-lCiGt49Dm-DalYdWzpYMSkoP-6IS_k2F72tz4f5q2aXsN9ES_2Qf-BpSFIOp02gvQ-6y34WAnWRTPOxLba3RKkqi5pbuEaXnVE9vQoQfi6xXtVe_la5-J8e19WjGtf9lFVDhybnnMFglM6RKuUTdD53nwOgq7Mjfp6eUQvEx17twnOqMRtn4PRXi5I53IG5XoR8mwEbhV-eQm27TqrZ6LiK1gFMP5zfUoJumiy6HmDocRClnseGUk770nvzVc1794qckVxV3hJ9-0Th244EWaz7m74U7NRui5vxt13xaEFSnjxcFZkwwPd2w56yEoDseRpWEVhy9Nh4HIB4w52QDlubRclO-y61YmC855VvMssRveutFmqODb0d2AEEJRMzB_YBXihofA-vxSmQxPrBzDsZMHPCmK07D0G0__DdOczxSXBGerfdXiQHqTWeX6IzZfZoAujr0pMfncrlVYOCCJjvzw90dnl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_qux379wY7mXNt-O7_UPtvGL-APJntKxXM3x4t2IAcCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJqQJAMbvREFyxPuACAKgDAaoEmgJP0GZSmonSe7xdmTpOn8YOT7xSlsNRKvDlq0mjLlls-66v-JC_7R10gplGZdYSs37asdsiEOBn8-FIEGIpmE6l0FuyPBAbWHyVqocHDyohJKD4mGYYSO-b3u1nFTmW7Y9A8Hyegrx918AvsmJ2w6zRTBdt8hmRNk1C8xq9t4pVGCqgkUGjs2lDtxPQJqcHEOO2TUDubkEHbDfIVZDBl8cjG-JvUwqlDJXL1FlyY31EhC9-7fZJCzzdAV6pMccGkIZgmXdvkff7vzYlHk6kQ31M7l1MrndZrTrWjNaw192-qbOGorU49T_xxqIOoiAqjeWSCDUA0-3OMIUo30KGkB8Ppwv1zIWnQBlXaciGTDwoAbJLVUhElw7JptfgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JGH4XaY4kLT-NNYp6iX6rke64HA%26client%3Dca-pub-7415831428202174%26adurl%3D
Frame ID: 6A1D047805DB2A553B7211F5BEC00FC2
Requests: 18 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 4F676F3AB1A76BF9093226D99F545F0B
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 1E2FEEFE26B4F99BC76697D075D8D47D
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 1A3CACE9578519BEECD9A8213497812E
Requests: 2 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49EF9BFE0E330BF5984BC14E864EAA9A
Requests: 9 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F496B2D2915188B64457913CC79981F1
Requests: 10 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 927833FED4FFDF3EE68861BB47454610
Requests: 9 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 798488531486663FC2BC8D256599C765
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_C2dfpGZRK90w9Kqhm_clG-ZN9-wElwD8YwmsOa9uqJbQJqP7iB-ONhC4Hql02_erP9paeG7wVyiJPPb4E96qzd5IZZbynjbCmxcbtB4qhYrCb9vyphH_YGXhO6zGqTvPUwQyD83GKYlXzCW4OCrp6vPWPmLQfayIn3jJQsYxsLWN0xjRHthPPN54KECHpaNg-BNc-n0hQzZPXQA0utrdY3MLGq6yZ7djekc6eyShcG2Cj2EHC1Gq5iQE91mq5zZiVwpjXsBh4nzjJzrvhFz0o8tvGs85IjswSYsba4oxi_aa1veuyvu6X2WeUjQy0cPIvInCoe3efVNFh9FzEO_tD47_R0F6&sai=AMfl-YSqOF2Em1NIP4kGD9gFqpt4HqLDoHGc5wm9-oSZJ9WEtvmQDpX6EXeRAgWAn2PKai7KGl8V5o7Ck9Atb1QraKCIFFkSZnZWpUwWQ37IoQzQ2tdKvi0ajU58V338wK-Mh9tT&sig=Cg0ArKJSzN3IrP3op1OpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9B1CF92ABA17341FBF0A595A205BAF18
Requests: 9 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 29EDB5291A8C45CA81F9C4E244F994EC
Requests: 9 HTTP requests in this frame

Frame: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D7EFA1BDF1ED5CAFE3721960D2087412
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9723F4D68A471A2D85FFE46C7E76D6ED
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoKIH_ZYDAA_IwugnknPl2qu9qSJHWg&u=%7C1Kfx12T1NYnbebnYX%2BLUsg0xRreAqG8C2bo4T2j%2FUi4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1TjkATbGV5IcvQV_6vMqq0IGuOYWpWCY8gQWMUQ0yOZOs5_u3rYzrGtG6SYrhvuK-K_DHyuJJkJkwOcZl3UIwyXEMSaGHmnbCF3otqr9t0vlfAh3MCaltkPwlRTYqZZPLBzl__ltW7hkkyVENd2czHmPx8VfixKdd1ZqNqTthoDI-cWI1DlXaO_kwjToNRtfaPhCq8X9buT-OUzSeGs_KczlLaNi125kMCwQQaF5b9wnb19m1tiYVY6hI7fbPyBOqf660MbeU0CxQh1yeVGfzVhRaUTe39qFsUWYxoxiZ-F96ORCWm4QhEOozErTY_McoQQOO0XiKJuFVpzFVJAdg0GOzPING1c3EfhZFktRHjh4g-OOuDApHEIiL8GCLjz1k3mw4meliDQMmXbIsGpzsC5lvLfb1hOEaEgxqIHmeI-20u18nyjiDIgVYQE0wNxAPaVMTOxzZgWAbjX0ZTwzkoqkaWXFx9xYCTUpCpBZpaZ1y3mCCNrjJ8NWFpmERvJ8CblPJ58WyL9pub-X2SHK3f7m76ps4Z_tz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC15Hr4L9wY6LBBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSfAk_QdtTnpHuD3ONR1s6kasveEzGOJVOrFjJnw-fR8OzZQ9JlQi2-cf5Xvlo2hlr3-VY769QR8mCcKxh8jaxRXhpByDAJmoHy6gC5AN_s9b3ETUq6H3ceRYig1AKh8JegPz6OvSmrYOqJwPeLdDwZdXqYlohhh_bLzmW3jdWWbD8a3gRFwf3BP7TZeTfHuSylRgwGRFNLgbtS5-R_L3EjtzGW_LOFRwM5mrZKtFQgyfRMp_1zs0fNJ3DflI0M8ArE2vgRY9MAaAmwLE49SOaZwoz0FWGQ5OGhbnXjyNIa_Dw98zPCMUXeSzGod-JUnegcRf0P9CIRxEwOye2urHAXc7-NlqMeJF9EuwOa9O-4ZzGj5iDFJweecqgyHO-Vyy_o4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30Z7ysOjLmtHF2038djS85GANhGg%26client%3Dca-pub-7415831428202174%26adurl%3D
Frame ID: 03BCFA3E8481A8FD151CA969C520EA5A
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoUsH_ZYDAA_Iwgte4ydZUWbU4iKnXQ&u=%7C1Kfx12T1NYnSSLI7SlDsLEg88cJ4d2fi9KoHiC16n0k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oYr6Qf_MMHYyYnnkQ1IWvQNEIJv2G7G0ESrLpS_JAdQW7bxE-WMJbSuNt-pqh9_WdcyFExGsZD8AYvnK7cJegciGi0PIlXVbS-0tsquiY_pT4IKBjP4yPTG8rEXKdXyqzQEpd5v-Oyprbcu3EHxlReeS7ubcrfkaDmUN5Q9qBUCZE7CE4c_a_scm_26NtlvZhcO4e5daDuvaST4J6hpl3L7rRCvTmVG5eAX015vjjlgxasEwgcT8cDHcns2a4w_WBR4CRqU5PJOV4XRmpRMBsVbX5f8np7kVxWSjiY8yVgf20a77AMfMlIC4weTYpLrHFF5AW1sOEzqObRgtPysGk3Qhs05KMI5I4yi2LzRmtj4YyWN5f9l81epF3vpL1KU-evOgfucJOojWy5OP-RkmmHcnnmJdi7DgtlUPYQQ0ak4AUKYl-CXJ1r_bYGOTgKiUYe2pvkw_OhqqTnefIhcZHe6jvQnChU90meJpkSlxh5zAvY3y-_C0R4U3cS2w89f7cu3ic7I1PEf6SbhoPXnl4vsQ36rMAS_HSE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0nKG4L9wY8vCBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgShAk_QWEulNBLib9MQARYhT2LFaowIMeKD9x-gtvgsk40a1CsbzQJgtOkdAGELN9isVq_W-rUmJ3lTajOuWp5EXb5cf9nkxS3tOfAHQQvdATlxcI4mmztAdG5CxxTyeuEYEXer6Hn8joBo3nQ1ZiBGCz-JFRT8z_X6RKfCP_uqyJly0bsdRbM6x9vhS8wVnA9un2YyIhZzdwvXEtyy4wABeLVZqRx-5M5QradRaTZEzU4SEFiWyfXqBL2VP_pORmXUTHn4n9jPaVFpb4nTmU3drL28OMsNZVfHB4_efWdw69rGB3FW3rRmntRk5t5hSHFNWLXaUwjJtBZyles2iLQvhxUMWf8xcNPPr97js5z8wWf3iBAMIG6FNcLtXutxrqV_083gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Ghnl38B3S1GXxRKHcvBmmHSL0A%26client%3Dca-pub-7415831428202174%26adurl%3D
Frame ID: FE7631B78994EB2E127E5BADC52B22FF
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABof8H_ZYDAA_IwrkosZe-Zwe-Cg2IrA&u=%7C1Kfx12T1NYkOYQnHE7rv%2B3YxSfUOqYXvAVB9qq2IPag%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVzcD2jXM_JE6f0199SpINL9uiCdoIuY8tQTNBzN0oY4BE2F0myJ53YIN_a-9_fanflp5HCqqGTRQmXTfHnzMG-zJGm9TNUBTh8b_TccQxpAQ7VpS_6X1WbIleyXYWf7bCAH5gSeUU__moTAVZWu6Jydj0LyDbma5hfGQy6ZzpJ1jnI4bficyfZapSiDHKF2Q9057sQsx-5g2lj5rVjZ8RZqY48KzE8hzc8awXkioaaKob_PDaqFiwy8SvU9lC_R11l9FdaXR9dZa0wX10819ejnEsc6fMdB0tjPlTfiF2YfELJzgsGWS534uA80s3feTXm8ckwAPVKI4aFCaa4Jcwdl4zj5c_3Og3k8cNGcFDno6n1UeS78opxtTCoIAGzIOMwma2LfWKHfCVipcKXpwlO6NBP9ruyynfw1j1VS5wJI8_hY9AT-lA6rhsUkPjrICGJNzY7WCyjItHi7bklFJT9q3bu0xDXeSpTrFZNdA5Fp9e730msHtaucRsadJRltTaHL9TJ9RWElffjnOdWlLcomQGMISBvxwYCfNy3Pmjrs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjkg94L9wY__DBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSnAk_QDvJU7lglhGsE5mH0myy4MDnzvGSEZn1TRDKPM6r9UwTX_pIP5vkVie75T6sBOlnlWKUn5lvzZG15ZtQg3ZqABMCeVEGopF_XP6kO_YmQP9_V8O5VMdtsWrC55BTqJf0epWXK2wnTSiOn1HWQh_Iv8JdjGhpGd56wXetiUa4S79oAjU8MugvoAn1AxoPwuovY8XOMfcv4cfA3NsZA_GgrsoWROBwAATTS8ymnnthtWp2T4SHkXt8cfA6rqyIsYrU_fF9RY8N59uovk0cdAoP__Di4bXwhEyb5fY-_9H3of12Vjhxd8ewhOoGVJIfXywsHdffO5Jyzy-sohOZyuDiO4uTIWf36Yr27ptwavIIEm36579rsSNTRTquHfCkbbP1TubHl8bXgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0g8pF1UaP1llPCcOWIAXkUmZvB4w%26client%3Dca-pub-2523569589989545%26adurl%3D
Frame ID: 09E56E7B11F91B80161DC766B5D376D0
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABo_EH_ZYDAA_IwkkrS6ETvo27qqjUUA&u=%7C1Kfx12T1NYm0zF7AHdquhyMR9uJxPCr7t5TE%2FrzrduY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTHRhhgMpmWg59XKZrdcmVKjJj0urVgkPbGtBA1TFruS4ylR_O21mLPjmdBqpXgPww8P_NJCWek9HFTznsB1lhqf1zPeRnIIy9PfwtQUP1WicLaxXUTG9oclUKZ86JPscNQdlywfhxyNnzpzQNE6XdQo6208OQM6r-taTJBqfeKJe2qpJG_kmRlp7wEia8TYuh_KhqWVAk-4xQgczOaGe8Ly0p5e737NPpontLOrOMAUae11c8nmEE9ejzouGuE0jN77y4d1PnTf9nJUKmYg6OcZoi3Uoa1ZXxa9XPMsusrDibNi0oxp3igLL4m6nNRUUiVXPy5SMv9tHgNQn51BgOjznc-szeTpPbzyo5IXEgf0RpaYl4WEytM5k8IpV1U7B1Lw0qNWuH4pV1SUrIBzhyoo8lls6OUsgENVOtvF5Zv-feJkwEMFGXT2L7ZSH-SuPwbqUzncUMc_gKV6ppzJQv70cTfeSXpL6rU5PqKMlGVNPuQqNR6_txfP2sa6QFS5vYq2SDZMmMpxdp-V3xMP4i9cfAvXCs_vMCUHAvmSQ54kE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5u84L9wY_HHBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QtwS07sbH2BaOuKSbvdSIWy2BMqUOjiWf7yiu3ukeggcTMhlHzl6u5bs2pYR8fzTH5suIln19Eo25pxl-KJXjJDju5QBI368uDQsFmTzd_jP92Z1UIrGvBgDf0-ovQSXGECmEaMQXyq77OG3kKuY4r8gQDTKpCdibJ4ys3DJXRuc-0nIPgf9E-vRYUEx85mrv_qq91wjNHsKz3n_6mPv1P0YR32a5S-jdrfRhlW2QQcuHKrSx9AZXPaqfqToD5n97wKW8CkIFfzhx4_jnbtbJSkTwd3puyGfujRiupSQ-Hr6HAe1IoeM4f3AS14ppkJwuPwHa16gLmwzjrfLQ9yBhRgn73mQ8nIAfwOEcsy-8tu3XdoOZmHpK2r94alWRWDE-Eepw7-AEAYAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MnGlAuJSZPM0MtCRyMpghIZUZ8Q%26client%3Dca-pub-7415831428202174%26adurl%3D
Frame ID: 4FB0B97F6D18EB5F1E19E2B890339231
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABpHgH_ZYDAA_IwtyeWGgW61WTphjjHQ&u=%7C1Kfx12T1NYlHuEu2jIfQ8tcyuRt2stGGWvCsDS4yAWY%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjFz1RM00mo99lsG5mUfclKW6By3X2EXeIqEvFs9qO-NX4nGPISb3n7n26-mVZHkmWzPf9PyZbeuHXM-xOjO3ZeBPLTCr_X_6B5t2ICrQ8LvdFbn1iUwAm1es_ptr_OcGIonSL9VlrYwbKgOO-nU_DbqbPF7LVNlv3w7yPzRmD8rIl71KKY9jpYb6DCRXLttR-DaHTEsIXZ-VHb3iq5J2T_ifPkhv_nmw7Qa5H60kCCDqoecu2OFswanf1pt7aE0IS-QtIr7gn2ADkRhfR6EKA0Vbm7uCz9VpBE8KCFe9iClCi5heNszFz5CucW9FAgzQNL0TwwLEQx90-C4UbrLzO8ieSvFd2QTNkVI0FHzvm-Vb4uCEun6D5qlx71SgTAJajjEVJ5ZkVTGdGbGRK0HJ2AcDBITcjDveQlffvYHdGUkClbJdBFhJ0KchkZiJ-CbTHd7fIueP6BcexOjcd0_OYeKMdWK1faDud6hEPp0QlwUzCk5s4ErmcG_59ml3_dmaDuiradGo5Fz1ml5UlwtwK-XHfjaLiYTwkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaqV44L9wY_jIBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QON0zJq8vPjLsEzw4rRttDrhZYZpE1gsQF9BRVJ6S3bvb4lKWD7CfH7LZmo24toyl3jQpf50RHq-ygaoW0o-Tc92KVMJXQRO0XUYBt_L7mbofE6aghxAFbNIm6GEFt6A7IxjnaJ6-yTa-wmZLdCCVTcubUAbHtNEKvyyOX8C5kmyVLyGgKecksaWKwL7tO0n3go5_IABpkLicdFyUlov2xNtHp9UfIIOl6Kv0CgA-jBQGsXIzhDAvGo9jcRQI6j8xjZb2rJhynpYTLYuxcy7AVCEYeNj8n-UYK-IdwWXnR39NwLZ6IjX5lTYOlKOimmY5OYGjUHF-5HIJEIle4cgnNJvpotak79hjLW6qC9DC6-PqmrnC_pTbOZGf6AxIWm7UT7U24OAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ry7GZU90cj8V9NSQEKtzHrRNjEw%26client%3Dca-pub-2523569589989545%26adurl%3D
Frame ID: D139B77BC40AC1363A3E804BB3377EB3
Requests: 25 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 80DCCA3D5A63851247C9186A47120196
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: 120EC0229515FF9A1814FFD6A8B6145B
Requests: 1 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=33262200042146105671049012142021&a=149f816d
Frame ID: C4BDF64EE2E715798732957E1F72BA34
Requests: 10 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Frame ID: BBA03563D61919A1EA77AE8D7E0DA140
Requests: 29 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: 7C14510D8EA27415B6871E2DBF7A6BED
Requests: 1 HTTP requests in this frame

Frame: blob://https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/5934e85f-837d-481e-865e-cd2595b9becd
Frame ID: A593B173FD73DE269EC603F5ADD3A83B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 4A86D2CEE443EC058D54E4771DAD1649
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6F24179221CB731B31665FA0269AFA12
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: CF6ED2D890ABFF459ECA9EA3C4FECB32
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/11970852/11970852.js?ADFassetID=11970852&bv=258
Frame ID: 321A3A6E2C40274B2F1DC0CF538DE8EB
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: 7CBB677207790915877D467DBF2B1F91
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: A556581B430931DEF3E3E097F83D6C98
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: 23719A1DF54579A87068B51E35B8BC23
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: 054ED5356B83DAF3EA93C60CB93939C4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: 3BC9C09A547392317D01046DFB32B2B1
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 8A96DE6D634D3C462EE03B6B70F12762
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

周玉蔻全說了！蔣孝嚴「晶華緋聞案」女主角竟是她：揭開多年真相 | 娛樂星聞

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

737
Requests

99 %
HTTPS

54 %
IPv6

51
Domains

103
Subdomains

96
IPs

12
Countries

13937 kB
Transfer

31499 kB
Size

53
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.setn.com/
Title: 三立新聞網

Search URL Search Domain Scan URL

URL: https://acts.setn.com/starapp/
Title: 娛樂星聞APP

Search URL Search Domain Scan URL

URL: https://www.setn.com/project.aspx?ProjectID=8874
Title: 一家團圓

Search URL Search Domain Scan URL

URL: https://www.setn.com/project.aspx?ProjectID=7198
Title: 懿想天開

Search URL Search Domain Scan URL

URL: https://www.setn.com/project.aspx?ProjectID=9035&utm_source=setn.com&utm_medium=menu&utm_campaign=projectid_9035
Title: 金馬獎

Search URL Search Domain Scan URL

URL: https://www.setn.com/project.aspx?ProjectID=7733&utm_source=setn.com&utm_medium=menu&utm_campaign=projectid_7733
Title: 全明星4

Search URL Search Domain Scan URL

URL: https://www.vidol.tv/
Title: Vidol

Search URL Search Domain Scan URL

URL: https://www.setn.com/podcast/program.aspx?id=27&utm_source=star.setn.com&utm_medium=news_sounds&utm_campaign=audio_link
Title: 聽新聞

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://star.setn.com/news/1181936

Search URL Search Domain Scan URL

URL: https://line.naver.jp/R/msg/text/?%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%0D%0Ahttps://star.setn.com/news/1181936

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https%3a%2f%2fstar.setn.com%2fnews%2f1181936&text=%e5%91%a8%e7%8e%89%e8%94%bb%e5%85%a8%e8%aa%aa%e4%ba%86%ef%bc%81%e8%94%a3%e5%ad%9d%e5%9a%b4%e3%80%8c%e6%99%b6%e8%8f%af%e7%b7%8b%e8%81%9e%e6%a1%88%e3%80%8d%e5%a5%b3%e4%b8%bb%e8%a7%92%e7%ab%9f%e6%98%af%e5%a5%b9%ef%bc%9a%e6%8f%ad%e9%96%8b%e5%a4%9a%e5%b9%b4%e7%9c%9f%e7%9b%b8+%7c+%e5%a8%9b%e6%a8%82%e6%98%9f%e8%81%9e

Search URL Search Domain Scan URL

URL: https://ad.setn.com/AdsDataCollect/AdsClick/24675
Title: 能闖禍的孩子才有超能力創造力也高於常人

Search URL Search Domain Scan URL

URL: https://ad.setn.com/AdsDataCollect/AdsClick/17217
Title: 追劇必備神器一手將全世界劇為己有

Search URL Search Domain Scan URL

URL: https://ad.setn.com/AdsDataCollect/AdsClick/26308
Title: 神級減重偷升級! 劇中曝光掀起搶購潮

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=3KKlEJ9xWpUAzfIYFO_gVXkyqZ_HnIwDPbCrryDnde8&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1384129&impid=popin-star.setn.com-1&offerid=31765839&test=0&time=1668333536&cp=XTuIajmi5gwDLLWCJDb4V8k8lcW805QvWyhBLb6ZdtU&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=1300&trackingid=711adcb436c0749ffb06f9bc2055d4ae&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=h2_ggRNZvmX38rlc9s2sXGirId5JZSkN6ZX2XF6DVEga4bs-kuqzh8SbsSuslekxN4KnJuHG1-rYpZrpTGE-bKQLtobU2BssoQCzbka4aQjXLD6NnO0mwTSbXzmd0Q6WQ4sDHtQcj1md0iZzfgsWnC2G1WKVD3BiZbihClRoOpT4pvfKaI1hKL0e4KEeS0PMOYeXiO3i9_StQelyZDacPanmtT2OACDTAPA93wf7a6tEglGyYFu76uJt-IzjXYN_v_GyPmd5oJ9zu35NOjwPaGGOfyIWvxDJrIkI8Z47tZ6hSDQIzg84i61aO-x1EMt6&bm=2&la=de&cn=tw&cid=4394201&info=VR4br4xKZk8I-Zg9FNcAfByLpKpwgpHNGGek5ACbGIU&sid=176__170__157__169__1__49__217__12__207__24__99&sp=3KKlEJ9xWpUAzfIYFO_gVXkyqZ_HnIwDPbCrryDnde8&scp=glZtjxtR5xHzSvMhoXURkP0Pov_AyoNadhALoaY2BcQ&acu=TWD&scu=USD&sgcp=vrMhoMjoWxzMwYSGeVprnfNCKrPzGXSpXKBvb0dpXu4&gprice=z633qMmaY8JQ0CtEDy5C_FHvyA76-S8j7bsoPQeaG0M&gcp=aDnuYyBPGQ59JX5cAqDbcYNALfxNWLLdjSBkfH8kyJw&ah=tw.popin.cc&pb=m&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537755&ppvs=6&tss=5&aps=1&rp=1&fs=1&bs=1&caid=star-word-pc

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=Y2wxZD_cwAZq175yDjr3zcb9y6DVGTH-mpdlFq_ub5w&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1248994&impid=popin-star.setn.com-1&offerid=10584856&test=0&time=1668333536&cp=XTuIajmi5gwDLLWCJDb4V8k8lcW805QvWyhBLb6ZdtU&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=1355&trackingid=1b081ac032f8092df42dc457bb6f04cb&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=dUK97I5rogO7AsFsZIoL0s03BqOagQrZxz2t1YoaPqlu05Ecvpa-Fb8eYTgpYlzDx_qgyw7vuNQJF2tEHafuewsQpFJainCM0D2X60dCLk1iZkeptmWJpnkPaUR7ZXCqQzZ3DK5A0sa_h_A9tSWObzK2uIlQsUP5qTxJIwBUmUQ&bm=2&la=de&cn=tw&cid=3289899&info=9CAkSqcabYVUwM1PeqZuYt2ESPhbZBBBvIAACD8hBZw&sid=176__170__157__169__1__49__217__12__207__24__99&sp=Y2wxZD_cwAZq175yDjr3zcb9y6DVGTH-mpdlFq_ub5w&scp=glZtjxtR5xHzSvMhoXURkP0Pov_AyoNadhALoaY2BcQ&acu=TWD&scu=USD&sgcp=vrMhoMjoWxzMwYSGeVprnfNCKrPzGXSpXKBvb0dpXu4&gprice=ZDoyNN4x95X5TQ73xc1UxCScgtGp0cA3psMbXczgXAU&gcp=aDnuYyBPGQ59JX5cAqDbcYNALfxNWLLdjSBkfH8kyJw&ah=tw.popin.cc&pb=m&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537763&ppvs=6&tss=5&aps=1&rp=1&fs=1&bs=1&caid=star-word-pc-2

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=Z46f_yWFrtDWySueeV4IpV2ndRnt1ja3p1AafuJ38NQ&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1430438&impid=popin-star.setn.com-1&offerid=41215174&test=0&time=1668333536&cp=vot3NbZdoEvNqcyOF5CxUCAP1TLdVdst1CNC25CRYes&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=21553&trackingid=6dd83dc7a06559d9cde1d2396b3b0b57&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=ntoS5C_EEyklkLIX7RjrdoGvsskiaGqZJxZx57l0w78EYRfSKb57YFCr99s7nxuWx9mD0S2CYT1_Ab78gnloBF3kTmFkMEoJ23ciKfssdpEV7oclNR8wy1J72rJ1UrqZvBnWdJdk-rSUhdjKIi0v-gjXZnyWsRw0WEx7ztCPv9TWUEgOZhciEI7hdGGOAzpy7-QOlvlRDqB-ZccdtAHGwOLa4uEgCXzj-6ee227uxhQPk9kXnOr8mOcZKuKSNM7woC9fRZVnzoxTylG2YDYXt751JCcX7BWnYDts3A7YQOC-lzf2n6YUnI3ZJwyrXJ5nPXE2M1IRr_uQGo7VrVcIu3cyr_NsA8nQUoNp29F3szH8NLXZs5XGAW49auWNO9HhirEQKr2P9dUQT8HUfHRX0Xagfk-_gCceHJXRh9Q51DdeQV22kBIXCeXtRKBxpg9gBHPYKisqKV9ZPkW-wNxHsRXrMXk-p03IBREX21CuZymYSQiyIzJyxxC5oEEmRZbo4YGw-4YrWZS8hP2GIo1th5K9qg7ZiyU3tonqQ6nrMow1ADbQdoMUpLRqm1aXbDDL&bm=2&la=de&cn=tw&cid=4712476&info=m5bAh-uc95qNWnjflw3qBw5OKPCggGIe9qZ3tnPhREpC_jPy_elowQ3QrL06Gggy&sid=176__170__157__169__1__49__217__12__207__24__99&sp=Z46f_yWFrtDWySueeV4IpV2ndRnt1ja3p1AafuJ38NQ&scp=CyriSXTqgTO56_8410uevrvqlR3tLtxbDchOV-CTz-4&acu=USD&scu=USD&sgcp=X6cI5QCwCWniELX7vQWw7zRfisk2sJQvreHvL_esSQw&gprice=74L-Y9utKOL4V4nX88lCh76GJMyNRHpLYE4OE7ZjxEw&gcp=X6cI5QCwCWniELX7vQWw7zRfisk2sJQvreHvL_esSQw&ah=tw.popin.cc&pb=d&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537770&ppvs=6&tss=5&aps=1&rp=1&fs=1&bs=1&caid=star-word-pc-3

Search URL Search Domain Scan URL

URL: https://bit.ly/3rS6RMN
Title: 下載APP

Search URL Search Domain Scan URL

URL: https://bit.ly/3c5bTxB
Title: 訂閱

Search URL Search Domain Scan URL

URL: https://bit.ly/36vn7dK
Title: 加入

Search URL Search Domain Scan URL

URL: https://bit.ly/2ZEqQ7p
Title: 追蹤

Search URL Search Domain Scan URL

URL: https://bit.ly/3cA9fk9
Title: 加入

Search URL Search Domain Scan URL

URL: https://flipboard.com/@setn2021/-n9m3sh3ry
Title: 追蹤

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.setn.com%2FNews.aspx%3FNewsID%3D1202108%26tripid%3D4fc6038e58a808fc8e1f4dca012ed34d&data=eyJjdmlkIjoic2V0bl90dyIsImMiOiIxLjAiLCJ0eiI6InR3IiwiZiI6IjEiLCJuaWQiOiI2MzYzOTAxM2Y2ODZiNjQ2MzYxZTJmODQiLCJtX2NhdCI6bnVsbCwiY2FtcGFpZ24iOiI2MzYzODdlMGY2ODZiNjY1YWMwZmU0ZDQiLCJtZWRpYSI6InN0YXIuc2V0bi5jb20iLCJjYXRlZ29yeSI6InNvY2lhbCIsImRldmljZSI6InJlc2VydmVkX3BjIiwibF9jYXQiOm51bGwsIm0iOiIwIn0=&token=4fc6038e58a808fc8e1f4dca012ed34d&t=1668333536780&uid=9d644a1bae4cdd602d41668333536071&api_host=tw.popin.cc&de=star.setn.com&uidct=1668333536071&logid=c4412ccd-9838-488e-9f36-fc160505f740&extra=m_ch__popIn_standard_1B2infeed_pc&mode=20170420&referer_type=organic&td_client_id=8470fb64-0bb7-4fdd-bd11-cc80143aa261

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=gnMhRC_Cg4uzrjFV2m0qwnxR8T0v7JSFt8kDaVWJrTk&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1429325&impid=popin-star.setn.com-1&offerid=41133640&test=0&time=1668333536&cp=FImIcVhkIKJebud55wYrcMN-T-9NnLdWWrUi8aSezao&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=21649&trackingid=ba8b71d4dc450f8d021a98eaf86609ff&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=bBtNyXn-ZVLYlbt9gZyzWEnLYdUY2dqtP1AcJuIHmPLteUYa5Or6IVcQfJ8b4qxhPMDYhA5zauyd66FrwaXxnQ&bm=2&la=de&cn=tw&cid=4708290&info=Rb2ulx44jQwY5s6iCBF5H9pBSnxA_u7jBnwEx54mKqLPm1IQCiHSayADtP_qA0-L&sid=176__170__157__169__1__49__217__12__207__24__99&sp=gnMhRC_Cg4uzrjFV2m0qwnxR8T0v7JSFt8kDaVWJrTk&scp=xASjouTwpUPxwJIZMvyl26E0VZ62-vYkLK3RvPJy430&acu=TWD&scu=USD&sgcp=YT2kZRE5AqOanRJTvSjo2B1hvBSiclJ5EAiILHDj8PQ&gprice=R3mcQbgEsorCkre358p-3ZFhi5glISV51-wfQdMF0O4&gcp=7mhAeDQJ3lNBu2aEnQsj21gL7oiqtFJwVknBKnq3chE&ah=tw.popin.cc&pb=d&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537785&ppvs=6&tss=5&aps=2&rp=2&fs=4&bs=24&caid=_popIn_standard_1B2infeed_pc

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=46EyBNSI-blCdOtW6wlf5e70r1TaM67K9opw8Na61U0&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1452416&impid=popin-star.setn.com-1&offerid=44981927&test=0&time=1668333536&cp=XTuIajmi5gwDLLWCJDb4V8k8lcW805QvWyhBLb6ZdtU&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=21101&trackingid=3a8293d9798a02570e55983b90285264&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=58FGwJNHzgjVSFOlCcPl9POWy8IY-rTEQ0DLX12DXP0UPcxKTl15fThnKLszza4ZIgqLxTwISx1ju80X7Ng6A3cL4EJiJeL_yY7_bFkauOM_aPRItKmquhC6sommdpEN0uzUwsvToXDQKbn5tEIwdax7yX9VVJxpGjOqfNOtI6IBOt-HxAwcQtsDudYaADzrB806-pYvD4myD79rmUuwb4gK5xZ4BvHlUvQQO9x4PsI&bm=2&la=de&cn=tw&cid=4906053&info=6kLqnXW_faMvSb-JwzzYCZn1FutZF1FTeFdb5YQyrqVt1evBEVKS37peNsutghBH&sid=176__170__157__169__1__49__217__12__207__24__99&sp=46EyBNSI-blCdOtW6wlf5e70r1TaM67K9opw8Na61U0&scp=glZtjxtR5xHzSvMhoXURkP0Pov_AyoNadhALoaY2BcQ&acu=TWD&scu=USD&sgcp=vrMhoMjoWxzMwYSGeVprnfNCKrPzGXSpXKBvb0dpXu4&gprice=Pf9b-LIRhlopQkGNjxUFRZyHt_5b71ltYy43e40l0nQ&gcp=aDnuYyBPGQ59JX5cAqDbcYNALfxNWLLdjSBkfH8kyJw&ah=tw.popin.cc&pb=d&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537787&ppvs=6&tss=5&aps=3&rp=3&fs=4&bs=24&caid=_popIn_standard_1B2infeed_pc

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1206747

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=omEmlzQNunjxR3Bm2tge3ea2OKesVGshKYLyJT9Rq1o&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1467909&impid=popin-star.setn.com-1&offerid=47445773&test=0&time=1668333536&cp=xiXYVydnnpUghZ1jprk2LlovQIqeoxqJLgHLZW608U4&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=19939&trackingid=a0ae6a722c4a8a510754cbf986b95a9c&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=gMg_D5e2qegTNaUH1ZT41aVuYRRzM0ZT8fmr3UO_oakHtIkGoYmeNvMDRQhGpmvq37rClZwOLtEfu5gbs8Dt263ucqFbKjdnR_hJmrrQELfRL4_0XBI_ftnmqJlnZlbIKqNhOc5qDAFzDEId0oiSfC2X0I0gFcmAynoDnzY7CoM&bm=2&la=de&cn=tw&cid=5033111&info=rWY0WZSd7PJiLePjyw6OJ1C5JhhJabAaNanp-cYZ36-SPfkJAxxr3ug8L4RdvZeS&sid=176__170__157__169__1__49__217__12__207__24__99&sp=omEmlzQNunjxR3Bm2tge3ea2OKesVGshKYLyJT9Rq1o&scp=rQZvkGdRwWiHALvkHcBkgfulurHmXky_7qjhNUf3imA&acu=TWD&scu=USD&sgcp=ddi3hbTZP5h1uhLsfX3FSL4IbRDigJ2bp23C7nC057g&gprice=hW_CBDRpLXvvAbY_cWyuTucqn8z_Dd_MAlxGCR-S5Fg&gcp=iy6NoOvs9britTdhDbaeT5Kzips6YICpzHnqohRqx3I&ah=tw.popin.cc&pb=d&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537789&ppvs=6&tss=5&aps=4&rp=5&fs=4&bs=24&caid=_popIn_standard_1B2infeed_pc

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=LS9uKIOSB-JhSOyoAr5ab2WZRbwaqrU-au3VeG_RQAI&evt=102&rid=c4412ccd-9838-488e-9f36-fc160505f740&campaignid=1429325&impid=popin-star.setn.com-1&offerid=44190941&test=0&time=1668333536&cp=FImIcVhkIKJebud55wYrcMN-T-9NnLdWWrUi8aSezao&clickid=45_c4412ccd-9838-488e-9f36-fc160505f740_popin-star.setn.com-1&acid=21649&trackingid=42cd0b0e4c4b6bcc3c3b3506680c8767&uid=9d644a1bae4cdd602d41668333536071&jt=2&url=CgIQ2ew9WbvxqugPfZOTOwF2RbBHbc_v9VBqSx9J90GwY_aw1geojGgxUkA1joL3Xn0V1RGVNqYfa38JD3gS-Q&bm=5&la=de&cn=tw&cid=4865143&info=YCbK8-ZK7OAMgDg4AZGVKj3Lm8o3elynt71_RJnzVSxJe-PhlpfrLVAfwgQCtfza&sid=176__170__157__169__1__49__217__12__207__24__99&sp=LS9uKIOSB-JhSOyoAr5ab2WZRbwaqrU-au3VeG_RQAI&scp=xASjouTwpUPxwJIZMvyl26E0VZ62-vYkLK3RvPJy430&acu=TWD&scu=USD&sgcp=YT2kZRE5AqOanRJTvSjo2B1hvBSiclJ5EAiILHDj8PQ&gprice=X5m7UkpsximJULV5xATrxdi8dcdM2-5mkm0lrn1Fs0U&gcp=7mhAeDQJ3lNBu2aEnQsj21gL7oiqtFJwVknBKnq3chE&ah=tw.popin.cc&pb=d&de=star.setn.com&cat=politicsandsocial&iv=1&uidct=1668333536071&uu=9d644a1bae4cdd602d41668333536071&tst=1668333537791&ppvs=6&tss=5&aps=5&rp=6&fs=4&bs=24&caid=_popIn_standard_1B2infeed_pc

Search URL Search Domain Scan URL

URL: https://www.settv.com.tw/#!/
Title: 三立官網

Search URL Search Domain Scan URL

URL: https://tv.setn.com/
Title: 三立大入口

Search URL Search Domain Scan URL

URL: https://www.settv.com.tw/#!/about
Title: 關於三立

Search URL Search Domain Scan URL

URL: https://www.setn.com/about.aspx
Title: 關於三立新聞網

Search URL Search Domain Scan URL

URL: https://www.setn.com/Privacy.aspx
Title: 隱私權聲明

Search URL Search Domain Scan URL

URL: http://blog.iset.com.tw/news/?cat=1
Title: 三立新聞自律守則

Search URL Search Domain Scan URL

URL: https://www.104.com.tw/company/awmhkao?jobsource=n104bank1
Title: 企業徵才

Search URL Search Domain Scan URL

URL: https://www.settv.com.tw/#!/tvlist
Title: 頻道位置

Search URL Search Domain Scan URL

URL: https://www.setn.com/tellme.aspx?dtype=3
Title: 意見反應

Search URL Search Domain Scan URL

URL: https://www.setn.com/tellme.aspx
Title: 我要爆料

Search URL Search Domain Scan URL

URL: https://acts.setn.com/app/

Search URL Search Domain Scan URL

URL: https://vidol.tv/plans

Search URL Search Domain Scan URL

URL: https://acts.setn.com/event/2022iphone14/

Search URL Search Domain Scan URL

URL: https://www.setn.com/privacy.aspx
Title: 了解最新隱私權聲明

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 158

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220221113%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Request Chain 171

https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=c96ab54d-6339-11ed-a6b3-1348667f0506

Request Chain 737

https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442&cv_attributed=0

737 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1181936 Show response
star.setn.com/news/ 104 KB
21 KB 474ms
394ms Document
text/html 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 509dc4a9ec513367cd98265b2966836fc5fc91c1042bc08935e5345b81fc627f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private no-cache="set-cookie"
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:53 GMT
expires: Sun, 13 Nov 2022 10:08:53 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding,Cookie,User-Agent,CloudFront-Is-Mobile-Viewer,CloudFront-Is-Tablet-Viewer,Host
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-id: DQthNw3KOOfJa4ZN_NPrB8NV19xjYJF94ioj2pJdB9gJtTKSDGh6JA==
x-amz-cf-pop: FRA56-C1
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H2 200 reset.css
star.setn.com/Content/css/ 1 KB
1008 B 21ms
7ms Stylesheet
text/css 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Content/css/reset.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f56e00fb627e19fb1be4d7cb356dea6e91fe6988d2f1c4ed0f7d6cc57c43c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:56:18 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:00 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 23910
x-powered-by: ASP.NET
etag: W/"0e85cb863e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: no-cache="set-cookie"
x-amz-cf-id: 7mlUGppfIVsvFm2-Rqc3D7R_uLn_YCxjBay5FmqGoJ4nA9cAJHzlMA==

GET
H2 200 owl.carousel.min.css
www.setn.com/resources/OwlCarousel2-2.3.4/assets/ 3 KB
1 KB 568ms
174ms Stylesheet
text/css 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/resources/OwlCarousel2-2.3.4/assets/owl.carousel.min.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 10:32:02 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:38:20 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 84412
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 544KStq8-i2uAsQJ8b4IQ9HC83fvPRSud1TpkC3jyi3_v7x4ZdcgxQ==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 owl.theme.default.min.css
www.setn.com/resources/OwlCarousel2-2.3.4/assets/ 1013 B
849 B 564ms
172ms Stylesheet
text/css 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/resources/OwlCarousel2-2.3.4/assets/owl.theme.default.min.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 10:32:02 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:38:20 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 84412
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: IpCbl7cPhDWjplGf6ANDneMX-1JS7T0aUTGrto1Pkdcpz_HkBPfJmQ==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 base.css
star.setn.com/Content/css/ 34 KB
8 KB 21ms
8ms Stylesheet
text/css 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Content/css/base.css?20220217
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 54bbb392350ab5b5cffe9bd202bc37518ffb19ab7ad60e7a8f0c885d02afca6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:23:39 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:52:46 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 29282
x-powered-by: ASP.NET
etag: W/"0abe0bf4d69d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: no-cache="set-cookie"
x-amz-cf-id: tC2k0V5Xq217U92diWXs085A1ALSpAhujtlsAev4IGzY7wScZMnX_g==

GET
H2 200 keyclock.css
www.setn.com/css/ 5 KB
1 KB 579ms
188ms Stylesheet
text/css 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/css/keyclock.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70e4adc85bd25966a1d21d019e8e9f7a66109b1d4d8faa6c8caa131b71ef6b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:19:32 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 18:09:26 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 99562
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: T5zHr48Ef5a4XpauuIn94iGfByGCCnC3fsbG39818MbsejBQfZ0ueA==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 style.css
star.setn.com/Content/css/ 42 KB
8 KB 21ms
9ms Stylesheet
text/css 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Content/css/style.css?20220217
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c64b0ec0a7209c802842f9921013ec87376747e5a95150b9a111653295d2f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:35:53 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 11:43:26 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 35129
x-powered-by: ASP.NET
etag: W/"0371e63c2ad81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: no-cache="set-cookie"
x-amz-cf-id: OCRo2P2bb_SuifYV1HFBAbrPgETXQ3D0BCClS9iCI7C8vx21NbMdPg==

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 68 KB
11 KB 46ms
15ms Stylesheet
text/css 2a06:98c1:3123::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3123:: , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2727615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10234
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-111ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dNNNpOQFROjhxrbMuX5GM3nWLew3EmTwg1HPIjBqlIQr8UhocyrdGfTPbdkRjn61vZsHAvyX%2Bo9f%2BspUEiDX3bvti%2Fgw%2Bp9KmNVpPz8HKP63i%2FlOkFnsg39KtAAyUODod70%2F9aofZO4KGKwR6iB96CE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7696a6ca1d67bbb3-FRA
expires: Fri, 03 Nov 2023 09:58:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
960 B 57ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Quicksand:wght@500&display=swap

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f488db8e4f7d5bda392a599548088ca9fad45dcc045f20c3e805e3aecdcb0642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 09:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:58:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 09:58:53 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 41ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 22:14:08 GMT

GET
H2 200 jquery.cookie.js Show response
www.setn.com/js/ 2 KB
1 KB 722ms
335ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/jquery.cookie.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9fa0f4513eaf62288b7843b7cff59bd539d068488a802e3a3903d041038d7940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 21:34:26 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:35:54 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 131068
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gtGv3K3FqKUiGHaQ0ng6DXE2we3kYX5EoWWvWcuBAtkBt1-FYI8LRg==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 jquery.lazyload.min.js Show response
www.setn.com/js/ 3 KB
2 KB 571ms
184ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/jquery.lazyload.min.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 06:10:37 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:35:56 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 13697
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: L5fqs6ldCPjE8jeK9Kk6-EI1xDw7aE6ZXvMttx6RJEEjzGcX86z6Ng==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 CookieUtil.js Show response
www.setn.com/js/ 12 KB
3 KB 567ms
182ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/CookieUtil.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b96b75b78070db0e0e4f191160a255b674ec19773081599d0204580a47477609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 05:52:53 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:35:54 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 101161
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: m_VKJiRBNRH2L_7BbeQMxC8jW_rJxZf-De1edCAblx_d5wH38iaAfw==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 keyclock.js Show response
www.setn.com/js/ 4 KB
2 KB 576ms
191ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/keyclock.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7059cf37c91a6e02f19b47e7ba386fc320a01931bd608c51d728d95a17f5f163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:19:33 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 17:24:56 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 99561
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 06PMlq2xCJgjSSZ3RB5eWZHbJg0XW2FCaAXJjLBUhsXop4LCSRTacg==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 78ms
17ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df3eed16af13a1c0a7c76240a20329f23ddd2efe0109fed0d6a08c68d68f4a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20983
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "475ae4105839918b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Nov 2022 09:58:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 57ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf1a2b466ff48453cfda266a98033b049ac7a18db810f797c4b209f94e459e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://star.setn.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:54 GMT
content-md5: zrPCBTL9rsaLGCGGyT53bw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-ua-compatible: IE=edge
x-fb-debug: 03jCpSb6oeODzpuQLl1cMYkFee/LTZ8cXX2lSp8fYNVrAScpjRVuN/JlWMWGu57lh2SepwiyDBToWCGMA1He0Q==
x-fb-trip-id: 917726464
x-fb-content-md5: 65c01c15be015c10746f4ff54f5436d7
cross-origin-opener-policy: same-origin-allow-popups
etag: "d3a630090a55e12ff6784ec5a113632a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 10:11:46 GMT

GET
H2 200 audio.css
www.setn.com/css/ 4 KB
1 KB 561ms
176ms Stylesheet
text/css 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/css/audio.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8dc171e8db8becf9c8470090f60fdd6505e01429a47f54c144d03297f7d531f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 01:28:17 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Mon, 24 Oct 2022 18:00:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 117037
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: gidN6XU1BvDkuXNIP6KnhccHP20mHJ9dbpJAJOo-LiGOyb4DSWyicw==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 sticky-sidebar.min.js Show response
cdn.jsdelivr.net/npm/sticky-sidebar@3.3.1/dist/ 10 KB
4 KB 41ms
16ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sticky-sidebar@3.3.1/dist/sticky-sidebar.min.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf54a6eb9676ef17b3890208b3af8b336f8c8c2b8efe0d820b2baf274f7bd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20479016
x-jsd-version: 3.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA, cache-hhn4078-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"2971-wG7M2MZQJ/NYLkce3ZjjlWDBQbw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97gMCh7O5TRbA1U0npmsMPj1jWvyzu1HbQuMhpcPml2gjUniufoDaZz9M6hMlnQ6O%2Fqk8YmVqZUZOmJG8OSoyok09LuEvFWp7uNXJjQBxbCX9ftXpyUfTMFlQ6kGpwPDCG1obIeKPKPy%2Bq0rcDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7696a6ca19839265-FRA

GET
H2 200 theia-sticky-sidebar.min.js Show response
cdn.jsdelivr.net/npm/theia-sticky-sidebar@1.7.0/dist/ 5 KB
2 KB 53ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/theia-sticky-sidebar@1.7.0/dist/theia-sticky-sidebar.min.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2186978
x-jsd-version: 1.7.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19164-FRA, cache-yyz4559-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1535-GPQWoTj8W89HhlhctVqNRq+ZdqY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5AiQcPUxSc60YpcjvJV2XU4svngzeAlq6B80CYe4GKM1uDnycR3tCO3uREvP2klRDpqKLqoee3H40WGARoX4MbbnC6jXfRc8E8%2F8zKq%2BDZ%2FCIzHTiu3kPX51hqeKZRvfUdqkO0%2BBzRHPSOx6%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7696a6ca19859265-FRA

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 61ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:54 GMT
Content-Encoding: gzip
Age: 682
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29221
x-amzn-internal-status: 304
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/6795)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 js_base.js Show response
www.setn.com/js/ 53 KB
14 KB 569ms
186ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/js_base.js?ver=20200525
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d461cbc1b4996af6b92871a26194df7ed4c170a0386ed287a150d681b9007e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:27:27 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 09:27:08 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 41487
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KGY0tFdaEBnSKaIxZbNNy5yNYbrmgQ-_60gkBz1hUCA1fnP7w3Acmg==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 star_setn_2020.png
attach.setn.com/images/ 18 KB
19 KB 135ms
38ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/images/star_setn_2020.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cc106e0958864cf8e0bb84b422b6cabc9fd7dc49a9c850bf3d5113506bcfd2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:10 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 May 2020 03:14:20 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 45
etag: "6188e6f8bd6d46f6cd6d894ae68d90e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18703
x-amz-cf-id: 67UEaWaYPC8-regp8vUpNwnwaiwCBxOabh2QUoYGXV8NBdvHHoijUQ==

GET
H2 200 3834298-PH.jpg
attach.setn.com/newsimages/2022/09/21/ 43 KB
43 KB 1065ms
969ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/09/21/3834298-PH.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ae29ef2af637bea2fcb58732d4e2646bdee325bbbaa8f20bb36b9b98522e4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 03:23:10 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
etag: "0689679e4826e76d37b3cc7c7429c5a2"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43654
x-amz-cf-id: OLdjVzGQYYZ_DZuERdVf0KrGJp9g_NZiCZD6uJrDQE5DpmKDikyo7g==

GET
H2 200 3837419-PH.jpg
attach.setn.com/newsimages/2022/09/22/ 88 KB
88 KB 1070ms
975ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/09/22/3837419-PH.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de83174e0ab93accde6e4dc8cf6880efe380384755f603a42c9a368094c9fddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 14:30:43 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
etag: "7a6859935d8140a227e5521d5fa7381f"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 89867
x-amz-cf-id: A00LWkaqMExsHkb7I3XaBPL4B0BH4fkvRLEwr8NE7RSjmFCWNwr6pA==

GET
H2 200 DefaultImage.png
star.setn.com/content/images/ 67 KB
67 KB 28ms
13ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/content/images/DefaultImage.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1da28d218a9234d1c2cc6c0459e7031f21d0679e66ce8aab5b7a742674104768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:49:24 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:02 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 29370
x-powered-by: ASP.NET
etag: "0158eb963e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 68269
x-amz-cf-id: JtOKr4bEcJVfAcecLENBqV_Pn2p_WxfoqU5SY8aVVI44HBTtYDe2eg==

GET
H2 200 setnApp.png
star.setn.com/Content/images/icon/ 2 KB
3 KB 28ms
14ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/icon/setnApp.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cb85a11a465d2b14325771eff9c3f3408de2ff334fec69a5c863bb9a557530df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:14:52 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:06 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 31647
x-powered-by: ASP.NET
etag: "06ff0bb63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 2402
x-amz-cf-id: WGcnecbf2m4ohgRbIiagG_kWGtyUUuzJUXSyJOB5Dm5xq7dVqonsLw==

GET
H2 200 entApp.png
star.setn.com/Content/images/icon/ 1 KB
2 KB 28ms
15ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/icon/entApp.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42d9fdc0ae8fcda3e7f8d3d962d9c3614448bbbe6096c8f19f6ebfbdef3b2a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:14:52 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 31531
x-powered-by: ASP.NET
etag: "042bfba63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 1242
x-amz-cf-id: PIBnyIsKQrIM6phxfT_O5NpLVZpfSPZolafOV8xOKlMgYIDTNWsNyQ==

GET
H2 200 logo-title-s.png
star.setn.com/Content/images/logo/ 1 KB
2 KB 29ms
15ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/logo/logo-title-s.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 68f29ea116dfce2edab31f919c4aee8e884315852edabf3d894b54b4ba0cc4a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:56:19 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:06 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 33527
x-powered-by: ASP.NET
etag: "06ff0bb63e4d61:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 1202
x-amz-cf-id: EclTI7tycQZAemIRv8tR0-OS71xRezZTQIRScjDFVlKmdY3CnCpaZw==

GET
H2 200 owl.carousel.min.js Show response
www.setn.com/resources/owlcarousel/ 42 KB
11 KB 187ms
187ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/resources/owlcarousel/owl.carousel.min.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:34:44 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:38:20 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 23050
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ME-hxq_e5kIIbYjpNEB2-Pr8C83kZ0CDUGCGgbnR1AYiqcXq680dDw==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 googleanalytics.js Show response
www.setn.com/js/ga/ 2 KB
1 KB 171ms
171ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/ga/googleanalytics.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c7d4f0248c14d5a5b76480239a78a841b2f25044c37e78e55ed78cbd746dca64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 10:32:06 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 11:32:50 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 84408
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RY06dgn00CzqvuWanRP-Ys6-YWDwDKMJMB2YtKE5goLOreEqe9tMlg==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 base.js Show response
star.setn.com/Scripts/ 5 KB
2 KB 26ms
5ms Script
application/javascript 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Scripts/base.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9cb23ffd20e676abfd95731e63a42cb86a8d38ffc2c7aea257a89e864ff0fb63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 05:49:41 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:10 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 14979
x-powered-by: ASP.NET
etag: W/"0c952be63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: 1RkXbu6CuwMQm67Xl59Jox09JB0H2jII5OIE6U5s1HNvcy5n_wrtBA==

GET
H2 200 script.js Show response
star.setn.com/Scripts/ 11 KB
3 KB 29ms
8ms Script
application/javascript 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Scripts/script.js?20211115
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd62d7815589b49ecc6b7eaa3ad46cd85afa6694162005517c6b25c255af8bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:23:39 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 11:27:56 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 29282
x-powered-by: ASP.NET
etag: W/"046ff2e1bd7d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: -K8V6yrjGCze8e8DcyxPmwVONMCH5Iv8YsN9akucgrRWJxqbhmhDBA==

GET
H2 200 LogTracer.js Show response
star.setn.com/Scripts/ 3 KB
1 KB 31ms
10ms Script
application/javascript 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Scripts/LogTracer.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26c696c87b69f3effc2cb60cb5985ede563a03c7fa5cd8b526a1baec84faa413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:23:39 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:10 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 28427
x-powered-by: ASP.NET
etag: W/"0c952be63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: AkkX7qEDOpdoemQPCuP7WoL-FE3uBtMQCz7pumsJuVqB8pJZKoTmlw==

GET
H2 200 news.js Show response
star.setn.com/Scripts/ 8 KB
3 KB 32ms
11ms Script
application/javascript 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Scripts/news.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 43fc41d5dd362a469882f2ec293f9064ff6200b77edfc4a8de8ddee3db6994d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:14:52 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 11:43:26 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 33528
x-powered-by: ASP.NET
etag: W/"0371e63c2ad81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: TMGB6f8hzZBRO3LJVdEPAQeNP2I08Ptc0EnJOb6QVyahcaF4neeS7Q==

GET
H2 200 idleAD.js Show response
star.setn.com/Scripts/ 3 KB
1 KB 32ms
12ms Script
application/javascript 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Scripts/idleAD.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c46d01e3b8219a7168f1613b4080cebb853d3255867c810f27d65b7007d29889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 06:36:00 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 11:27:56 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 13182
x-powered-by: ASP.NET
etag: W/"046ff2e1bd7d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: hMMgWZewbk6kd5QwGX4tpRCjBl4h6qb9wjROZRpleIBFOApUOLBhRg==

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

20ms
7ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:02:06 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Sun, 13 Nov 2022 09:58:54 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 audio.js Show response
www.setn.com/js/ 7 KB
2 KB 189ms
169ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/audio.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b84c84c465e0f531708b0947b39a936ab40e5b41cc2f1b5199b2220c5e06c245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 07:06:49 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Mon, 24 Oct 2022 18:00:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 10325
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oKbBC8b8ix1EaAxD5d-tiqP9DHPoPb32pqacnPrihpLnQ_ZZSOd2SQ==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 51ms
7ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 5730541
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: NBrD7SSDsiV96UnlMl4jeuJ3tty_3Mcb6wDcC5VhsAS79nIK6Iv7IQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 52ms
8ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 19:01:21 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 53933
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: U0rcSqnsqXKbUXzN6RfesAp8AXWHgXGlaKh-wbHqEWxgyWWint7Y4Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 77ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d6f9a4f21d4766ec09fd436828354def461beed433f4d8fa16e31cde63f5a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27291
x-xss-protection: 0
server: sffe
etag: "1391 / 423 of 1000 / last-modified: 1668207947"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Nov 2022 09:58:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
12ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2580
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 13 Nov 2022 11:15:54 GMT

GET
H2 200 matomo.js Show response
setana.setn.com/analytics/ 61 KB
20 KB 88ms
19ms Script
application/javascript 2600:9000:2315:1200:c:e0d9:2a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setana.setn.com/analytics/matomo.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:1200:c:e0d9:2a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
content-encoding: gzip
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 05:05:51 GMT
server: nginx/1.12.2
x-amz-cf-pop: DUS51-P2
age: 14
etag: W/"5fe17eaf-f21c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: 2SBHv0CiEiopIwQfs5-m0h3vRVNpjC66zX0rbmNHYdc02Tc6Q6oqTQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 159 KB
56 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ3723M

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5cc0d1f19367797bd6aad2d5e9786131373962ab4056e6b041f2f98324b0af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56973
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Nov 2022 09:58:54 GMT

GET
H2 200 setn_m_top_300x250
ad.setn.com/Ads/ShowAds/SETN/ Frame 90F8 0
0 600ms
521ms Document
text/html 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/Ads/ShowAds/SETN/setn_m_top_300x250
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:54 GMT
vary: Accept-Encoding
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
x-amz-cf-id: 3cGLshdPOGK0El_UZEs6hGtgodUzYUvzvNuzvBkaavW1rPUNUnARJA==
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront

GET
H2 200 login-check-iframe.html Show response
oauth.setn.com/auth/realms/SETGroup/loginstatus/ Frame 26B5 3 KB
969 B 81ms
9ms Document
text/html 2600:9000:2057:3800:1a:7b30:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.setn.com/auth/realms/SETGroup/loginstatus/login-check-iframe.html
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:1a:7b30:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa57778bd7d7db9432b192b1cdb9f08e34d01846b15f84e75d017792db4f12fd

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15425
content-encoding: br
content-type: text/html
date: Sun, 13 Nov 2022 07:33:05 GMT
etag: W/"e8bcbe0e61badf4ca634840dd3d23c59"
last-modified: Wed, 13 Jan 2021 08:33:57 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id: 6PWc-8URskPUb5gb5GjgZAv0zSw1DWWw0VlCFZQ0MGN8ls_B_Dmeeg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 pattern.png
star.setn.com/Content/images/ 14 KB
15 KB 18ms
17ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/pattern.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/style.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eba4d3bf5611b8992dfdf23d77f65828dc011ec05f4b9816431cff06c0b979e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/style.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 07:59:14 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 18469
x-powered-by: ASP.NET
etag: "042bfba63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 14574
x-amz-cf-id: 4d7z70y3xnvLj5QSweu0Iq63veK6G3qykb_Zl-9lJc_7ytS-Xuhplg==

GET
H2 200 adBtn.png
star.setn.com/Content/images/ 4 KB
4 KB 17ms
17ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/adBtn.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/base.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b3eaec5f195b43d0a5f36960e60adde228d0b0150f359353fdbc31f45363ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/base.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 04:01:47 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:02 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 21427
etag: "0158eb963e4d61:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 4207
x-amz-cf-id: -LuYUEoERetvkRAJpHIDemB7TkLCmRsghWEPxRfOwREt7aASuhMVHw==

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 74 KB
74 KB 70ms
55ms Font
application/octet-stream 2a06:98c1:3123::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3123:: , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 233312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-126b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNuuUd%2FQEzJxy7WM%2BB2ckVltGA8ayI5GkHVDpQ9Q0pygOrf7UJALoqRuaW8PYLiz1HXP9OSLemLMB9a9xgQB53f3nQVb%2B6q77pCfN4nbVAkdghEumHB8mByvp5GaAKzmJa3vhdjgLd%2FpVgd1TlcbFcUr"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7696a6cf0f809012-FRA
expires: Fri, 03 Nov 2023 09:58:54 GMT

GET
H2 200 setn_footer Show response
ad.setn.com/Ads/ShowAds/SETN/ Frame EFC7 1 KB
769 B 297ms
254ms Document
text/html 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/Ads/ShowAds/SETN/setn_footer?PageGroupID=8
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: /
Resource Hash: 9d36f365bf5bbc704d3599feb0f4183bfc02ad2682a1aee8d9d84d1117db3cd2

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:54 GMT
vary: Accept-Encoding
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
x-amz-cf-id: wPzh_hyjBFHpIT7qh3msnwsvZ7JgE9y9pQ8LJC_5nnADNOv43TF84Q==
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 108 KB
35 KB 63ms
8ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: d825ca238a05262a76be777cbfb43207caba6ee2fe9444f01af19f3c9be833b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: DjAuzCm.fTtMkzO9.KYvuGdpuC3GzAu5
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:54 GMT
Last-Modified: Mon, 17 Oct 2022 14:07:01 GMT
Server: nginx/1.20.0
x-amz-request-id: Q0FB39W5V6WQ9WH1
ETag: "2727d4c6a382308deea8d48f24b66f37"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=32864
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34973
x-amz-id-2: KIOuRxFJNSs13dI08hk979M5m/yQZJW4Ubc0RvGrOaFrrczD9BeZ7rLvy6Xg4anRoL0Ied+OzKM=

GET
H2 200 socialicon.png
star.setn.com/Content/images/icon/ 97 KB
98 KB 10ms
9ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/icon/socialicon.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/style.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6f4f1f85dc79f55df0772f003fb9b2bacc470b7239a46eee7d29e2837bc5711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/style.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:56:18 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 01 Dec 2021 16:10:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 28599
x-powered-by: ASP.NET
etag: "09677e6cde6d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 99525
x-amz-cf-id: kJNT55CoNhOIAaQsJHCyQ1F7UjG69nHB71uaIbm8DlS_lr_xeUBowQ==

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 13 KB
14 KB 30ms
29ms Font
application/octet-stream 2a06:98c1:3123::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3123:: , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9f0570e6ea6a6e5c70f2e83fd46883a62e5fdd1ffce04471bedf0dbd23166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 146828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13580
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-350c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwCz6m2KruFRcXb%2BGqIn6t%2BvMv5PHhtWakuz77BTmueXb5moJ3otPaXsvilF0VacEwd%2BQxJ3HFa1Bp%2F4nURtF%2Bn6Vf6xHlbmAdoFWakQ7nD3tPwxpkCFxzJaigxNIyJ5cT7LgPiMIg%2FfMprYeUiukX1T"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7696a6cf0f829012-FRA
expires: Fri, 03 Nov 2023 09:58:54 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v30/ 14 KB
14 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2acebc85d9188ee80d3c9b04d3b5cda759566c88f2ca252b3cf4ba87e729d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:18:23 GMT
x-content-type-options: nosniff
age: 477631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 21:18:23 GMT

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 83 KB
18 KB 1466ms
709ms Script
text/javascript 18.181.126.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293422
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.126.176 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-126-176.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0945b312323f62567440d264b80f31c9135e6ac3812faa63a17835424a00f8d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 22078 Show response
star.setn.com/vod/live/ Frame 7BCE 19 KB
6 KB 11ms
10ms Document
text/html 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6a943eced0b26bc9046a54239e563b32d665bac9ccf8e462d52b3d9b178f16bf

Request headers

Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80
cache-control: public, max-age=120 no-cache="set-cookie"
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:57:34 GMT
expires: Sun, 13 Nov 2022 09:59:34 GMT
last-modified: Sun, 13 Nov 2022 09:57:34 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding,Cookie,Host
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-id: dPAvUugMbdLdM6BCp1qvuDR7JXAzeKY6butrJ5lrl3s2hCU8i_tWhg==
x-amz-cf-pop: FRA56-C1
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-cache: Hit from cloudfront
x-powered-by: ASP.NET

GET
H/1.1 200
OK setn_star.js Show response
api.popin.cc/searchbox/ 152 KB
38 KB 1055ms
517ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/setn_star.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e26b96109b2963b95e44d197c3fdfa0a1ffebd26928e91323ee85e34a179c733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:55 GMT
x-amz-version-id: nK.kV2Lu.StFl6bHU4j37wCRgeCNTf51
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2022 09:40:13 GMT
Server: nginx
ETag: W/"e0887a2e6a22cce6dfed54fedf1aa64e"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 13 Nov 2022 10:58:55 GMT

GET
H2 200 titleBorder.png
star.setn.com/Content/images/ 604 B
990 B 11ms
7ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/titleBorder.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/base.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1148c667f57d1456ee9121f7d7da0719059918517a41c9dfcd1d45f917358461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/base.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 05:43:20 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 16525
x-powered-by: ASP.NET
etag: "042bfba63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 604
x-amz-cf-id: -oh3aqCUhpPaNA39dfACXZE8QxKxAOA1Njqz2XxSqpBqvPEcVY8sQg==

GET
H2 200 titleBg.png
star.setn.com/Content/images/ 4 KB
4 KB 11ms
8ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/titleBg.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/style.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 893f8d38e60607f41ebcf4feda1eebc53cad9eff78778925c78c1653ee755139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/style.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:56:18 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 29282
x-powered-by: ASP.NET
etag: "042bfba63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 3935
x-amz-cf-id: yRTnRVKBJdrsz4XjFoCIfxfOn3EdWFxCEer0TZCfn2qp6bMkW3SdzA==

GET
H2 200 hotBorder.png
star.setn.com/Content/images/ 499 B
883 B 11ms
9ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/hotBorder.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/base.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fc996ca5fe5850dce6f4968296018aba0d6babac30c90f36a671e03c87f0d45e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/base.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:08:16 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:02 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 18469
x-powered-by: ASP.NET
etag: "0158eb963e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 499
x-amz-cf-id: Rr58506hTy6YEgm12sXIMIuZfR78-e9G2Ryse77PVqiOg8buRfgihw==

GET
H2 200 headlineBg.png
star.setn.com/Content/images/ 1 KB
2 KB 11ms
9ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/headlineBg.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/base.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d682bde21f3c0de169b625d3c64fab74e342c2a62c8838eabc43896facdb8938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/base.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:41:18 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:02 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 26255
x-powered-by: ASP.NET
etag: "0158eb963e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 1478
x-amz-cf-id: 0rFxvi6iWN3BwQeu5JUqwiARDLGsM0IpA9W878_jB-fo6AWkWno5vw==

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 7BCE 91 KB
32 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 20:38:04 GMT

GET
H2 200 jquery.lazyload.min.js Show response
www.setn.com/js/ Frame 7BCE 3 KB
2 KB 174ms
172ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/jquery.lazyload.min.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 06:10:37 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:35:56 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 13697
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0dxOQ1Tp01qjhG9xLWa9n7LvhGiuzxyj3dcOToTTLX2eULvgzkU2SA==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 jquery.cookie.js Show response
www.setn.com/js/ Frame 7BCE 2 KB
1 KB 174ms
172ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/jquery.cookie.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9fa0f4513eaf62288b7843b7cff59bd539d068488a802e3a3903d041038d7940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 21:34:26 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:35:54 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 131068
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VQG0Z5dpo3joTQzc0wzchatamKjkXPqyEUqT7NGynS43emK4mWZzIQ==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 CookieUtil.js Show response
www.setn.com/js/ Frame 7BCE 12 KB
3 KB 180ms
178ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/CookieUtil.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b96b75b78070db0e0e4f191160a255b674ec19773081599d0204580a47477609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 05:52:53 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:35:54 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 101161
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oSm4zqMs-eRBcdtKtmbhaILOag4Agw_bD342DmMv5x4Nf1DLdHpH5g==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H3 200 platform.js Show response
apis.google.com/js/ Frame 7BCE 54 KB
21 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df3eed16af13a1c0a7c76240a20329f23ddd2efe0109fed0d6a08c68d68f4a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20983
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "475ae4105839918b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ Frame 7BCE 53 KB
12 KB 60ms
29ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://star.setn.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F08DAHH90DWRNZPN
age: 20344
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yVgY9z1kubCY26DPttPeeR2bqViwb+cKuuyQHX0hFELA8gUVVwVpLwZyXaaq0l8BFZTo3jYy3CE=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC9RrqNsRYer%2Fi%2B1hCQSYV6qciBWhbKCy3bTQRe4YOvGN%2B36VHfc2FDqpyFRjjZgY0NcAEBQA9L%2F68iJNT%2F6M1EjISs7atM%2FXLrRP1NxMard4b9026ELgZeHGNOh3O0tozWfkoZ2VdYYl%2FoXNhy90I6m"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7696a6cfdc248ff4-FRA

GET
H2 200 owl.carousel.min.css
www.setn.com/resources/OwlCarousel2-2.3.4/assets/ Frame 7BCE 3 KB
1 KB 184ms
182ms Stylesheet
text/css 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/resources/OwlCarousel2-2.3.4/assets/owl.carousel.min.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 10:32:02 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:38:20 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 84412
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 328JUV5Rw3-Kwc66oFaDcXc3LV098i0UwIElBkXLCwn6KVibfaP87w==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 owl.theme.default.min.css
www.setn.com/resources/OwlCarousel2-2.3.4/assets/ Frame 7BCE 1013 B
849 B 184ms
183ms Stylesheet
text/css 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/resources/OwlCarousel2-2.3.4/assets/owl.theme.default.min.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 10:32:02 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:38:20 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 84412
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: zT2RQbBheWOa5kzZwLfF66SMFtsOzoN4QSHwLwCiPnwxdJqE6wSa_g==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 base.css
star.setn.com/Content/css/ Frame 7BCE 34 KB
8 KB 10ms
9ms Stylesheet
text/css 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Content/css/base.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 54bbb392350ab5b5cffe9bd202bc37518ffb19ab7ad60e7a8f0c885d02afca6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/vod/live/22078?pagegroupid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:23:39 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 17:52:46 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 29283
x-powered-by: ASP.NET
etag: W/"0abe0bf4d69d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: no-cache="set-cookie"
x-amz-cf-id: rFKMQPOcCq8PwHKxSK7tx_sAO95ef0h-l2alIxnIRS3C47FOz1n1Fw==

GET
H2 200 videoSidebar.css
star.setn.com/Content/css/ Frame 7BCE 4 KB
1 KB 10ms
9ms Stylesheet
text/css 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/Content/css/videoSidebar.css
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b4da9a86b4b014e7589433619649f9c59df2ec599702f3183cdc30013ddb7497

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/vod/live/22078?pagegroupid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:59:29 GMT
content-encoding: gzip
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:00 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 21564
etag: W/"0e85cb863e4d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: no-cache="set-cookie"
x-amz-cf-id: ci4mIEyH4-ay5Aa6ArG3OJDliAVBwwwC-cAW56tLH2bEe-WmBKjpPg==

GET
H2 200 star_setn_2020.png
attach.setn.com/images/ Frame 7BCE 18 KB
19 KB 22ms
17ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/images/star_setn_2020.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cc106e0958864cf8e0bb84b422b6cabc9fd7dc49a9c850bf3d5113506bcfd2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:10 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 May 2020 03:14:20 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 46
etag: "6188e6f8bd6d46f6cd6d894ae68d90e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18703
x-amz-cf-id: Pt8fplU-YSEhEhBJWFJBLpEloSo0uH6L20vTxHLVMUifaEvR5iG1eQ==

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 7BCE 992 B
2 KB 59ms
27ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.setn.com/resources/owlcarousel/ Frame 7BCE 42 KB
11 KB 188ms
187ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/resources/owlcarousel/owl.carousel.min.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:34:44 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:38:20 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 23051
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3HdcVqANc249lcUrjxn8uyZrLCL2qzIkZhNuFhK8oCuoYBkUrbD9EQ==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 js_base.js Show response
www.setn.com/js/ Frame 7BCE 53 KB
14 KB 193ms
188ms Script
application/javascript 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/js/js_base.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d461cbc1b4996af6b92871a26194df7ed4c170a0386ed287a150d681b9007e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:27:27 GMT
content-encoding: gzip
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 09:27:08 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 41488
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: slhbb9MYBx13n_Qkz6ZvNmsqs_cQsGUBTqPz9bWTiRlkEkgf46q95w==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET atrk.gif
certify.alexametrics.com/ 0
0

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
49 B 413ms
111ms Image
text/plain 3.131.225.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.225.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-225-240.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
server: Server

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 306 KB
86 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=3160d71c4564ac2ee26754b66ad3f777

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcb79b9a04a8308601c932a08fc133afdf2d4f8ff9a35c6c94ce2750938de8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://star.setn.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:54 GMT
content-md5: XYWD4M1/whVY4+hyEi+12Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88526
x-fb-rlafr: 0
x-ua-compatible: IE=edge
x-fb-debug: oQ8wRHK5qrm7PhiKWZlqEM1v2I3tPRLAQ/R9b9fRaSp0xuP70I2x+5zrFrsfW4dnQdWmQCQxEviUXiotdf9mhg==
x-fb-content-md5: aa06367aafcb4e03074e34435b7db1fb
cross-origin-opener-policy: same-origin-allow-popups
etag: "6770288325badcdc7f7288cba1472917"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 13 Nov 2023 09:51:46 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
8ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20617561&cs_it=b3&cv=3.8.0.210223&ns__t=1668333534678&ns_c=UTF-8&c7=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&c8=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&c9=
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: QeJS9AVieFVQy8eF64Ap3h6-q2-uzBNWiBNTmMA81X4FXY7GuHOKnA==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 08:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 08:14:32 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 776 B
883 B 52ms
16ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=star.setn.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff94105619d51a3a6c46603924e4f9f3af2dd42584789e25e2bcfffeb9f12c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:54 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 66ms
17ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82224611-1&cid=1838979132.1668333535&jid=1321499755&gjid=1247992851&_gid=341423187.1668333535&_u=IGhAgAABAAAAAEAAI~&z=1203267718

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Nov 2022 09:58:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1984167710&t=pageview&_s=1&dl=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ul=en-us&de=UTF-8&dt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGhAAAABAAAAAGAAI~&jid=2102933654&gjid=110078997&cid=1838979132.1668333535&tid=UA-37193510-5&_gid=18956011.1668333535&_r=1&_slc=1&z=1496070959

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1984167710&t=pageview&_s=1&dl=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ul=en-us&de=UTF-8&dt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGhAgAABAAAAAAAAI~&jid=1321499755&gjid=1247992851&cid=1838979132.1668333535&tid=UA-82224611-1&_gid=341423187.1668333535&z=1454952985

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51366
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/star.setn.com/ 736 B
1 KB 1024ms
260ms Script
text/javascript 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/star.setn.com/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

c74a71803fa7a6543d5ba449b6b2bc2c127f5359f2135ba6e2716134be7324fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
etag: W/"2e0-fVUnTEgoY3J4BRZsmP+DXFMCET8"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 13
Connection: keep-alive
Content-Length: 399

POST
H2 204 matomo.php
setana.setn.com/analytics/ 0
460 B 519ms
519ms Ping
text/plain 2600:9000:2315:1200:c:e0d9:2a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setana.setn.com/analytics/matomo.php?action_name=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&idsite=6&rec=1&r=753162&h=9&m=58&s=54&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&_id=19a8920cf5046ce9&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=m5l9iT&pf_net=79&pf_srv=394&pf_tfr=443
Requested by: Host: setana.setn.com
URL: https://setana.setn.com/analytics/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:1200:c:e0d9:2a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
server: nginx/1.12.2
x-amz-cf-pop: DUS51-P2
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
access-control-allow-origin: https://star.setn.com
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
x-amz-cf-id: v-DIM_DSC4tKIOKl1Odd_RTgthqWuPbDfFx8HjvVuTId-zL5Hw5ugg==

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame F92C 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fstar.setn.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 905885
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 09:58:54 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
73 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37193510-5&cid=1838979132.1668333535&jid=2102933654&gjid=110078997&_gid=18956011.1668333535&_u=IGhAAAABAAAAAGAAI~&z=2101665548

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Nov 2022 09:58:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 36ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=579792962597423&ev=fb_page_view&dl=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&rl=&if=false&ts=1668333534809&sw=1600&sh=1200&at=

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Nov 2022 09:58:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 TextAD Show response
ad.setn.com/Ads/ 439 B
719 B 535ms
500ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/Ads/TextAD?PageGroupID=8&customtagid=13,24,28
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: /
Resource Hash: dea2ff2105a4352af7208f2c8cf2e6adccfce0f3ca955482e2b7ab45d36c2188

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 439
x-amz-cf-id: oJunDJi5bmr5PMlZF4yqFPLJhGsZNz8YQqsBWsLhRQBeFBBCiBkZ8A==

GET
H2 200 ParamHandler.ashx Show response
www.setn.com/Extensions/ 46 B
481 B 536ms
176ms XHR
application/json 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/Extensions/ParamHandler.ashx?k=getnewuserid
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4691d63477ec4c86e69cce0a1d1c067ad1de02e00643134f38cbd7cf45726041

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:46 GMT
via: 1.1 644569daa9f87ded2625dfb4d910ec5e.cloudfront.net (CloudFront)
x-aspnet-version: 4.0.30319
x-amz-cf-pop: BOM78-P6
age: 9
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 46
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-headers: Content-Type, Accept
x-amz-cf-id: HqrhgZOZ_LSS5RFYYmoxDoLc-BBgNi3RgJXS4OH5qIBAa9NqOj1itA==

GET
H2 200 3838916-XXL.jpg
attach.setn.com/newsimages/2022/09/23/ 30 KB
30 KB 998ms
996ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/09/23/3838916-XXL.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f14132b6c9d44f7b8e40d6e0b740b5a765bbdf0b5dcffc32760d035dbdf0d104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 12:44:34 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
etag: "77e87d847bc7f98a7c25a312875e9c9f"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30544
x-amz-cf-id: O6wakTr1OnpJ4s8XtNTP6_PMIe0B6bCrPQ_G-NUbSMZHeGmrbAgxTg==

GET
H2 200 3837495-XXL.jpg
attach.setn.com/newsimages/2022/09/23/ 24 KB
25 KB 982ms
981ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/09/23/3837495-XXL.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34a0c92cbb0fb2ad74eb94341cd7e6087c4992080ab30bceb6affeacfb5218f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 17:28:12 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
etag: "c6e9f19fff6afcfbf69e9606f4422992"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24831
x-amz-cf-id: nsrkmhYNSWkvxPJNCgCj2VOvJj7qQIMRM2Y1Wf_T7YcGsO4jZErpQg==

GET
H2 200 3916475-M.jpg
attach.setn.com/newsimages/2022/11/12/ 8 KB
8 KB 19ms
17ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/11/12/3916475-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c619e5d2a2c0091908f0bbd90efdf8cfcfd3383705c18dca8d50454446589d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:09:32 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Sat, 12 Nov 2022 13:01:03 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 71363
etag: "47c2e3bba5006ce9233e0393d2acfea1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7788
x-amz-cf-id: sG3b94Qi3Of-wU5rIXP-LgTOu0uZ1bU2dH4QHfbnrDTIRgZSdjTepQ==

GET
H2 200 2183075-M.jpg
attach.setn.com/newsimages/2019/10/14/ 7 KB
8 KB 17ms
16ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2019/10/14/2183075-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 062423ece8ef0a046c96ed541fb8d46b0b53ec1dfa8e2b8f19ca50944ea25c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:55:46 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Mon, 14 Oct 2019 02:13:41 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 32589
etag: "a20350a66d191b77bdd25ffceeba499c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7533
x-amz-cf-id: gr02UYUeH6WCmfODP4HiDHmlv-za_lJ3f1JH743XLGHVnLhYcArREw==

GET
H2 200 3916734-M.jpg
attach.setn.com/newsimages/2022/11/13/ 9 KB
9 KB 20ms
19ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/11/13/3916734-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be3f949e506176f3b945667f012540a75bd591b53ead908bcda0781835f7b022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:10:05 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 01:23:45 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 28130
etag: "fccc9898a5e6abec4ae9d7878b0ed3ba"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9190
x-amz-cf-id: vg780__jL0zLpK_GoI0_0ARgSl4qC0-EjLIODhK9FvbY1xj9AnE1Mw==

GET
H2 200 3916803-M.jpg
attach.setn.com/newsimages/2022/11/13/ 8 KB
8 KB 21ms
20ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/11/13/3916803-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4096bcc51c1225f67cb49a8d2a3c07ce81f6fbf735f527893fad713f15faf8dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:35:50 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 02:38:15 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 22985
etag: "38010b4450c11c3432740032ff605de8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7936
x-amz-cf-id: E37D8P6rMgp2bh9qWL_ZuBEWwWNYBitFu6J03MxH_Pdysvv9K8yLxg==

GET
H2 200 3913916-M.jpg
attach.setn.com/newsimages/2022/11/11/ 10 KB
11 KB 23ms
22ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/11/11/3913916-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc60173098c569a574fdd9c5c790150d95333878f2e1f518c0f750f5d85834e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 04:12:14 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 02:26:25 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 193601
etag: "ec1fa27f5ee5f55240ab1ae6100caeaf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10394
x-amz-cf-id: vP_pL7ybjDnsaX7BRQckaltB-YfciUpjQa5skk8KAxGIuWE71Q-yHQ==

GET
H2 200 3916705-M.jpg
attach.setn.com/newsimages/2022/11/13/ 7 KB
7 KB 21ms
21ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/11/13/3916705-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7665ee3bb9b92902883817816f37f8ae075cd0915479d94561599d9b11f2d707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:10:05 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 01:00:06 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 28130
etag: "b3fecda557c32093fbf826d7917433a3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6743
x-amz-cf-id: 0iekV-FGtwVYGjrw-_gg0IRbKdSnrCeqL6Xo4Jh7hnxKmAPDum2-QQ==

GET
H2 200 3915786-M.jpg
attach.setn.com/newsimages/2022/11/12/ 8 KB
8 KB 43ms
42ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/newsimages/2022/11/12/3915786-M.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a49519b0a8becc8e9660230a0e1fc36c2d6996ecd9d31677b17275b1b9f86981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 20:30:26 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Sat, 12 Nov 2022 05:11:23 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 48509
etag: "d8f3196f78bda41d4fa5dfc514816228"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7805
x-amz-cf-id: 71jCEfBhMT754E1icXq3OS_7TRFnShGSrHx1-GwlXkY_Rj9hewl-uw==

GET
H2 200 %E7%AC%AC%E4%BA%8C%E6%B3%A2%E7%9C%8B%E6%96%B0%E8%81%9E%E6%B4%BB%E5%8B%95watermark140x270.png
attach.setn.com/images/ 46 KB
47 KB 31ms
29ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/images/%E7%AC%AC%E4%BA%8C%E6%B3%A2%E7%9C%8B%E6%96%B0%E8%81%9E%E6%B4%BB%E5%8B%95watermark140x270.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c44e756923af119c6bf2c38c4f57b190d5ad3fb8692a3a01d1a353a2d491ab8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Nov 2022 03:17:47 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 13
etag: "faf39b07f0a353f903600ea3530ffb67"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47391
x-amz-cf-id: ifVeGUfVgquBPM6_WlsTHNyZTSym_YNFYp1iATf0klmxm3p8gQyDsw==

GET
H2 200 import.ashx Show response
ubas.setn.com/ 0
387 B 870ms
753ms XHR
text/plain 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ubas.setn.com/import.ashx?Username=1&Password=2&Invoice=23740512&EventID=STAR&ClickUser=1838979132.1668333535&ClickID=1181936&ClickPageID=8&ClickDevice=web&ClickPreURL=&ClickSearchKey=&ClickURL=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ClickIP=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&OnlineTime=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: POST, GET
content-type: text/plain
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: *
content-length: 0

GET
H2 200 19a8920cf5046ce9 Show response
recommend.setn.com/recommend/news/v2/8/1181936/ 198 B
493 B 618ms
560ms XHR
application/json 2600:9000:2251:7e00:6:df3a:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommend.setn.com/recommend/news/v2/8/1181936/19a8920cf5046ce9
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7e00:6:df3a:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 02ae1c1bb6f0c680d2fcdbafa06bd4d35dcfd1d39609d60e9a31bbcc5d40589e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
server: nginx/1.12.2
x-amz-cf-pop: FRA60-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://star.setn.com
content-length: 198
x-amz-cf-id: AhfmTKiECBVyJtUSIqMvgNOfvzQFqaLHtxkiTtt9ghLGqOMHeJMIpg==

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 74 KB
16 KB 955ms
476ms Script
text/javascript 18.181.126.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303238
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.126.176 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-126-176.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 81e673642cdd59c8f0d1db22e6d9972e9fa6fad913c838682e834caaa167775d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 74 KB
16 KB 953ms
475ms Script
text/javascript 18.181.126.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303239
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.126.176 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-126-176.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e50a4006b43083477edf914b5314853cec6a152eb134313d8d1942ba661104b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 pics.png
star.setn.com/Content/images/icon/ 865 B
1 KB 8ms
8ms Image
image/png 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://star.setn.com/Content/images/icon/pics.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/Content/css/style.css?20220217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 04794fe635a21ea7666afce51e7d9ea566bd79e9a8d9f5862d3cf440bef1eb34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/Content/css/style.css?20220217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:54:47 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jan 2021 19:40:06 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
age: 39846
x-powered-by: ASP.NET
etag: "06ff0bb63e4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache="set-cookie"
accept-ranges: bytes
content-length: 865
x-amz-cf-id: HbmOcXL4w0QKYU7zg_-CBdtUfS0_Gg-OK6aKKMm8mx2-Phg7frDprA==

GET
H2 200 top_header_setn Show response
ad.setn.com/Ads/AdIsShow/SETN/ 43 B
319 B 495ms
495ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/Ads/AdIsShow/SETN/top_header_setn?customtagid=13,24,28
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: /
Resource Hash: 790efbfcb8ef5b26f1eb56e9308b3270e6048e7117af62d4dcf1504be64311bb

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 43
x-amz-cf-id: Juon-Wei8HRkfi2z62HbaDe6WRriA2QPIziF7aUn0nPUv0yCEF9urw==

GET
H3 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 1737 0
23 B 117ms
106ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=579792962597423&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22cd4c43f11a5%26domain%3Dstar.setn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstar.setn.com%252Ff939a04450232c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=small&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=3160d71c4564ac2ee26754b66ad3f777

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: UmcuUNx6a5QOidQH1pgxQlRabRsYlCnFHWxOe9iDwEDv5IxEWWCy+K+qbANyvTcAMFGXFWV/gZokwUvB8Bq+Bg==
x-xss-protection: 0

GET
H3 200 comments.php
www.facebook.com/v5.0/plugins/ Frame 7DBF 0
0 107ms
106ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/comments.php?app_id=579792962597423&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7aace04de8268%26domain%3Dstar.setn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstar.setn.com%252Ff939a04450232c%26relation%3Dparent.parent&container_width=888&height=100&href=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&locale=zh_TW&numposts=10&order_by=reverse_time&sdk=joey&version=v5.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=3160d71c4564ac2ee26754b66ad3f777

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: QAYa1tSYbmTQXcElUq4Zo0UVo6jfo+MRYaPxzniJSuaEhfsRJVYVliV0Znv2SEWSm7yAXv3o+U58PwPG4OFnvw==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
502 B 69ms
45ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37193510-5&cid=1838979132.1668333535&jid=2102933654&_u=IGhAAAABAAAAAGAAI~&z=587318193

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
502 B 67ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37193510-5&cid=1838979132.1668333535&jid=2102933654&_u=IGhAAAABAAAAAGAAI~&z=587318193

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F92C 913 B
698 B 164ms
125ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=05f1db4649feac3d1ace6d6866981c1c9c136d23

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fstar.setn.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 106
date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 13 Nov 2022 09:58:55 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: a46312ba66a5458f
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 3adf1fe5b9881658d5c173036fdad3ce0c754ad7ba1fbdbf8bdb64e0bb267cf1
content-length: 374

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 110 KB
39 KB 73ms
50ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eee15ed38381795603e305695c1790aad5720f432095c54b7ddd66b416916316

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vK_iWQynEJrvfTvSHFQB4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-vK_iWQynEJrvfTvSHFQB4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 TextADTravel Show response
ad.setn.com/ads/ 2 B
278 B 485ms
485ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/ads/TextADTravel?device=1&customtagid=13,24,28
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 2
x-amz-cf-id: mRpBDcYe_6AIEu3IrR_NMtRe5v0Ha2Az0QXB0HKD04COwNbdmHUtRw==

GET
H2 200 getbigdatanews Show response
star.setn.com/api/datas/ 4 B
375 B 13ms
12ms XHR
application/json 2600:9000:206f:fe00:1d:27df:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://star.setn.com/api/datas/getbigdatanews?{%22newsIDs%22:[1182451,1181961,1182282,1182084,1182307,1182416,1180923,1182231,1181941,1181285,1181390,1181953,1181445,1182103,1182486,1181948]}
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:1d:27df:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:41 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA56-C1
age: 13
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
cache-control: no-cache, no-cache="set-cookie"
content-length: 4
x-amz-cf-id: Kr2kmu4953yettE9uw_G-82sab9ECfytfJ3GWhgjY-eZZn5g6KUm6g==
expires: -1

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ Frame 7BCE 3 KB
2 KB 25ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf1a2b466ff48453cfda266a98033b049ac7a18db810f797c4b209f94e459e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:55 GMT
content-md5: zrPCBTL9rsaLGCGGyT53bw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-ua-compatible: IE=edge
x-fb-debug: 03jCpSb6oeODzpuQLl1cMYkFee/LTZ8cXX2lSp8fYNVrAScpjRVuN/JlWMWGu57lh2SepwiyDBToWCGMA1He0Q==
x-fb-content-md5: 65c01c15be015c10746f4ff54f5436d7
cross-origin-opener-policy: same-origin-allow-popups
etag: "d3a630090a55e12ff6784ec5a113632a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Nov 2022 10:11:46 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ Frame 7BCE 4 KB
2 KB 13ms
9ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 5730542
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: KAgdguzApgMa0I0wMlX80zJ6hwIlyx81_a-qZ2iJ5ph3z7GunqY-kA==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 7BCE 4 KB
2 KB 13ms
9ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 19:01:21 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 53934
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: WBf78Q_vptjim-avUJ9Yt2FenzIpEv2sF9FnBxoiE-ET5laz-60dSA==

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7BCE 79 KB
27 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d6f9a4f21d4766ec09fd436828354def461beed433f4d8fa16e31cde63f5a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27291
x-xss-protection: 0
server: sffe
etag: "1391 / 464 of 1000 / last-modified: 1668207947"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7BCE 49 KB
20 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2581
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 13 Nov 2022 11:15:54 GMT

GET
H2 200 matomo.js Show response
setana.setn.com/analytics/ Frame 7BCE 61 KB
20 KB 13ms
10ms Script
application/javascript 2600:9000:2315:1200:c:e0d9:2a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setana.setn.com/analytics/matomo.js
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:1200:c:e0d9:2a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:54 GMT
content-encoding: gzip
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 05:05:51 GMT
server: nginx/1.12.2
x-amz-cf-pop: DUS51-P2
age: 15
etag: W/"5fe17eaf-f21c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
x-amz-cf-id: 6aIO6mFpHd0Sm5GLzNngI9UsZd9k3sWdYPMVqeDiNBba3bVf03cfNQ==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 7BCE 159 KB
56 KB 39ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ3723M

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

564a6115ffed74668c64b239fd6c34397c98895a9161680a7c8b82eaa12efa03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56973
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/ Frame 7BCE 161 KB
53 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53867
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 09:16:39 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ Frame 7BCE 306 KB
86 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=3160d71c4564ac2ee26754b66ad3f777

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcb79b9a04a8308601c932a08fc133afdf2d4f8ff9a35c6c94ce2750938de8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://star.setn.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:55 GMT
content-md5: XYWD4M1/whVY4+hyEi+12Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88526
x-fb-rlafr: 0
x-ua-compatible: IE=edge
x-fb-debug: oQ8wRHK5qrm7PhiKWZlqEM1v2I3tPRLAQ/R9b9fRaSp0xuP70I2x+5zrFrsfW4dnQdWmQCQxEviUXiotdf9mhg==
x-fb-content-md5: aa06367aafcb4e03074e34435b7db1fb
cross-origin-opener-policy: same-origin-allow-popups
etag: "6770288325badcdc7f7288cba1472917"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 13 Nov 2023 09:51:46 GMT

POST
H2 204 matomo.php
setana.setn.com/analytics/ Frame 7BCE 0
293 B 525ms
523ms Ping
text/plain 2600:9000:2315:1200:c:e0d9:2a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setana.setn.com/analytics/matomo.php?action_name=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&idsite=6&rec=1&r=764366&h=9&m=58&s=55&url=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&urlref=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&_id=19a8920cf5046ce9&_idn=0&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22ga_id%22%2C%221838979132.1668333535%22%5D%7D&pv_id=wKCA2k&pf_net=0&pf_srv=11&pf_tfr=1
Requested by: Host: setana.setn.com
URL: https://setana.setn.com/analytics/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:1200:c:e0d9:2a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
server: nginx/1.12.2
x-amz-cf-pop: DUS51-P2
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
access-control-allow-origin: https://star.setn.com
access-control-allow-credentials: true
x-amz-cf-id: z5FJ33k7eP9hM5a8Qteq2PD0uJvPzsw4V3HIHU1EYAbSaw8uXOtAIg==

GET atrk.gif
certify.alexametrics.com/ Frame 7BCE 0
0

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 7BCE 0
48 B 114ms
111ms Image
text/plain 3.131.225.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.225.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-225-240.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
server: Server

GET
H2 204 b
sb.scorecardresearch.com/ Frame 7BCE 0
190 B 10ms
8ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20617561&cs_it=b3&cv=3.8.0.210223&ns__t=1668333535570&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&c8=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&c9=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 6EJIbx2rjvggmIPSMwu3VnjgAifXXTfeRK7Q9Ast92X3OCOySiDvJg==
x-cache: Miss from cloudfront

GET
H3 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7BCE 382 KB
129 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 08:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 08:14:32 GMT

GET
H3 200 AGSKWxV-J-QS-ePiTpZTHfjCwlrW4BELS63VacuAx-ZvVtHxYqC7d86Tw0bFZE0q4g5ydHq6Ms1mB8owZFwYHmUPAlo= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 68ms
52ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-J-QS-ePiTpZTHfjCwlrW4BELS63VacuAx-ZvVtHxYqC7d86Tw0bFZE0q4g5ydHq6Ms1mB8owZFwYHmUPAlo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4MzMzNTM1LDYzODAwMDAwMF0sIjY0ODZCRjFFLURCNTQtNDMzMS04Rjc3LTNBQkNDOEMzOUU5MyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsbnVsbCxbWzgsIlhxMWFDVFA0bVZNIl0sWzksImRlIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Xq1aCTP4mVM.es5.O/d=1/rs=AJlcJMzX0yK8mX64u1sofWEGuPTZhqaf0g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64d9ea5c8f7241f5442f2c74b061b44a4d74c8fac3a53e8521b52d57f9be03a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cXq8tjzdhcdocQyAtDg24Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cXq8tjzdhcdocQyAtDg24Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 53ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 111 KB
18 KB 434ms
434ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2903788659094012&correlator=1050241093944084&eid=31070739&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21685920852%2Csetn_door_120x500_L%2Csetn_door_120x500_R%2Csetn_boom_1200x500_open%2Csetn_boom_1200x150_close&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=120x500%2C120x500%2C1200x500%7C1x1%2C1x1%7C1200x150&ifi=1&adks=3900048914%2C2484978038%2C1079254606%2C221920791&didk=3613156054~3834520468~1579257994~23100632&sfv=1-0-40&cust_params=website%3D8%26pagegroupid%3D8%26Tagid%3D700%252C39205%252C39206%252C521716%252C1556%252C21370%26newsid%3D1181936%26isvideo%3D0%26customtagid%3D13%252C24%252C28&sc=1&cookie_enabled=1&abxe=1&dt=1668333535656&lmt=1668333535&dlt=1668333533733&idt=1721&adxs=65%2C1415%2C200%2C-12245933&adys=0%2C0%2C0%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&frm=20&vis=1&psz=120x500%7C120x500%7C1200x500%7C1200x0&msz=120x-1%7C120x-1%7C1200x0%7C0x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=1838979132.1668333535&ga_sid=1668333536&ga_hid=1984167710&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85bb911b612374a910a2dae700bf8507c8bfa7db0d2d3828c6a053de027abde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18626
x-xss-protection: 0
google-lineitem-id: 6152238681,6152238687,-1,6135701728
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412123749,138412123752,-1,138408441528
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 58ms
57ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d985f2dd9e4201c2a08a79ca20b0d755278d5fe14a0f83ada46493e749af6ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9569
x-xss-protection: 0
google-lineitem-id: 6108060179
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404502403
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 161 KB
19 KB 974ms
973ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2903788659094012&correlator=1050241093944084&eid=31070739&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21685920852%2Csetn_star_page_300x600_1%2Csetn_star_page_side_300x250_1%2Csetn_star_page_side_300x250_2%2Csetn_star_page_side_300x250_3%2Csetn_star_page_side_300x250_4%2Csetn_star_page_end_300x250_1%2Csetn_star_page_end_300x250_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%7C300x600%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=6&adks=3671669531%2C3938882674%2C3439317728%2C1476069605%2C1803395951%2C582376881%2C254559633&didk=1087696673~1087696687~1087696672~2744189917~2744189916~3868075479~3868075464&sfv=1-0-40&cust_params=website%3D8%26pagegroupid%3D8%26Tagid%3D700%252C39205%252C39206%252C521716%252C1556%252C21370%26newsid%3D1181936%26isvideo%3D0%26customtagid%3D13%252C24%252C28&sc=1&cookie_enabled=1&abxe=1&dt=1668333535669&lmt=1668333535&dlt=1668333533733&idt=1721&adxs=1100%2C1100%2C1100%2C1100%2C1100%2C306%2C694&adys=5950%2C775%2C1040%2C2548%2C4528%2C4946%2C4946&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2%7C0%7C0%7C3%7C4%7C5%7C6&ucis=6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&frm=20&vis=1&psz=300x0%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&msz=300x0%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1838979132.1668333535&ga_sid=1668333536&ga_hid=1984167710&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9051b3f8f11b99260dad8ab0fa02f0f4ae2d7db53fefb5fc76764192f4c82eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19901
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,5385471786,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,138313011977,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 219ms
218ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2903788659094012&correlator=1050241093944084&eid=31070739&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21685920852%2CsetnE_expand_all&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x90%7C970x250%7C970x400%7C1x1&ifi=13&adks=742162314&didk=2538613249&sfv=1-0-40&cust_params=website%3D8%26pagegroupid%3D8%26Tagid%3D700%252C39205%252C39206%252C521716%252C1556%252C21370%26newsid%3D1181936%26isvideo%3D0%26customtagid%3D13%252C24%252C28&sc=1&cookie_enabled=1&abxe=1&dt=1668333535676&lmt=1668333535&dlt=1668333533733&idt=1721&adxs=200&adys=760&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&frm=20&vis=1&psz=1200x0&msz=1200x0&fws=0&ohw=0&ga_vid=1838979132.1668333535&ga_sid=1668333536&ga_hid=1984167710&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ca25b6b052861666220275725c4d98e96c34819a2f081761892357f9e24284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10240
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C41F 6 KB
3 KB 120ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 7BCE 4 B
25 B 110ms
37ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-117496391-1&cid=1838979132.1668333535&jid=293484365&gjid=1784753000&_gid=18956011.1668333535&_u=SCCAiEABFAAAAEAAI~&z=1481109830

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Nov 2022 09:58:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7BCE 103 KB
27 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:58:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NRa580LeXLEgutXmQNwiudaySH1DXgVx2GQFhCKLOdBFZWYUIK/S1PQRxR0myxtDSMr3RsykFwZF7s8NOZwmwA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7BCE 215 KB
75 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8NJ3QZRCY6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ3723M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e1ab444bf337a36629ce37b42c8eb707a6009b07e9fbb789f3b3d2288670215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7BCE 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1328619493&t=pageview&_s=1&dl=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&ul=en-us&de=UTF-8&dt=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&sd=24-bit&sr=1600x1200&vp=888x500&je=0&_u=SCCAiEABFAAAAAAAI~&jid=293484365&gjid=1784753000&cid=1838979132.1668333535&tid=UA-117496391-1&_gid=18956011.1668333535&gtm=2wgb90NZ3723M&z=1164114099

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51367
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 NA9Jlcekyik Show response
www.youtube.com/embed/ Frame C662 69 KB
28 KB 82ms
82ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be19ae37d7a6f4f4c1d1c7f56d9e4cd025012443430f20fd7dd5c6b9fe2d9a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58EF 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssl2fyGshORG5uR_rHK_Nt3WpYVfo1uXkAW98i_wSSEbkRizTpIxE1fbx_kixxC4fSlfEB58xDtfxpT3hGN4SZ8qrB3yKe8IMbEcfYiUgPfA5jk74v2vNMqs2etxWoAGamueJFaJNvNK78FRTJUCt8wItJv97mRYgWgIn3k7diA8OXkDRZiSgDreMPEajUizfxjh-iK9Q5kuI0TimaWR5a_TWZdwbxxLQqc17nAEPUTbUH0W-Wg-rjaGDCBDz1xmvTzS-E_R3R982-vJ5q0xL4s8tzVkDgAgCXUjgJ-Z00M3-nXr-JUc9k_onbnWxsgVbVO7iJrrg_E9-lgJaab199Caw&sai=AMfl-YQCRNHfuTwlAp9ZHbBRIRPYMzWvVJJBrUmFNXNS28Drvp3A7KPKug7zwAgGu_4N6vNFvgSfp4bNRVzDvHsG_re7M1G6QjihE2kyo29HRc9HCFI02Pn3SmW2FSt7HDWS9Vr6&sig=Cg0ArKJSzIuakA8nFOPEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H2 200 tw_starsetn_desktop Show response
player.gliacloud.com/player/ Frame 58EF 130 KB
30 KB 105ms
41ms Script
application/javascript 2606:4700:3038::6815:eb5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/player/tw_starsetn_desktop
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865a88958ead6a317ef0e0661a8712b65d3276a8d1eb90e8eff40e71865aca22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: Public
date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 13 Nov 2022 04:06:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2fGk%2Ff4E8kDK07KpPt7VdMKdYoNtPbS3jDL1QgQqeHCsiqM6KAltHNVXgpkqAbkZipsLr9MSlAqJOrN7X2XNutzEvLAMHAWIlMX6Ev%2Bcqhvx8i2ZQAmlDFaMLNeESpNr17JqjVNj35vr%2BGeTS0zEdZ1hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: f17cf5591e6398dca8d0508865c0d084
cache-control: public, max-age=900
cf-ray: 7696a6d6ff25dd2f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 13 Nov 2022 10:11:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58EF 154 KB
47 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:55 GMT

GET
H3 200 AGSKWxV5qZIUu08zwhkTx42GDbUWtwCDuVvRKCk3MrJWMgiGFUts92elB63K01cnm5hwEohjTiSvRGzhehGje4IEh7_MUZP-4e11Sp-7ff08-9bLQ5rYxj91znf614OgcD8TNVpJXrWDLg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 91ms
91ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV5qZIUu08zwhkTx42GDbUWtwCDuVvRKCk3MrJWMgiGFUts92elB63K01cnm5hwEohjTiSvRGzhehGje4IEh7_MUZP-4e11Sp-7ff08-9bLQ5rYxj91znf614OgcD8TNVpJXrWDLg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4MzMzNTM1LDc3OTAwMDAwMF0sIjY0ODZCRjFFLURCNTQtNDMzMS04Rjc3LTNBQkNDOEMzOUU5MyIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsbnVsbCxbWzgsIlhxMWFDVFA0bVZNIl0sWzksImRlIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

406b06c70302d6e49a9840e6ac273d35a2789bed16f6d5cf1f88e3f5266587ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aQRF_wctjimWqezBPCFlOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-aQRF_wctjimWqezBPCFlOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ParamHandler.ashx Show response
www.setn.com/Extensions/ Frame 7BCE 46 B
479 B 179ms
179ms XHR
application/json 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setn.com/Extensions/ParamHandler.ashx?k=getnewuserid
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4691d63477ec4c86e69cce0a1d1c067ad1de02e00643134f38cbd7cf45726041

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:46 GMT
via: 1.1 644569daa9f87ded2625dfb4d910ec5e.cloudfront.net (CloudFront)
x-aspnet-version: 4.0.30319
x-amz-cf-pop: BOM78-P6
age: 9
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 46
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-headers: Content-Type, Accept
x-amz-cf-id: NuzQmUYW27aNlPgyzEkY_mrHYz_9wl-xsqWgmmplQUrIMlsQhHrdig==

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 7BCE 0
346 B 74ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8NJ3QZRCY6&gtm=2oeb90&_p=1328619493&cid=1838979132.1668333535&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668333535&sct=1&seg=0&dl=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&dr=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NJ3QZRCY6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2685869604962668 Show response
connect.facebook.net/signals/config/ Frame 7BCE 293 KB
84 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2685869604962668?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

329c909d41d7ceb47b6543bc2681f578af80d6e0f659b0addafa8937c54c153e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Nov 2022 09:58:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86208
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qAfuTrh0qoA4IO/wXy8z3afmcQ1CgaeFN+VfanoHdMb8fUUms+CwQ6uvvUhiHYCPiUyLFq8+WSfuMXfWbeIkTg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 7BCE 42 B
63 B 77ms
44ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-117496391-1&cid=1838979132.1668333535&jid=293484365&_u=SCCAiEABFAAAAEAAI~&z=1251036145

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 7BCE 42 B
63 B 77ms
46ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-117496391-1&cid=1838979132.1668333535&jid=293484365&_u=SCCAiEABFAAAAEAAI~&z=1251036145

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame C662 359 KB
49 KB 11ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 06:47:17 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame C662 309 KB
96 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 06:44:00 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame C662 2 MB
576 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 06:43:58 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame C662 9 KB
3 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 15:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 15:39:07 GMT

GET
DATA 200
OK truncated
/ Frame 58EF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c542d1db2a3484621f08d1e051b8208e59c02d027ac89ea8177992212086c97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/ 54 B
200 B 724ms
239ms Script
text/javascript 52.78.160.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/view?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&lang=en-US&items%5B0%5D%5Bid%5D=1181936&items%5B0%5D%5Bc1%5D=%E5%A8%9B%E6%A8%82&items%5B0%5D%5Blink%5D=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&cid=00000000.0000000000000&gdpr=1&z=18719&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.78.160.161 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-78-160-161.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK 00000000.0000000000000 Show response
api.dable.io/widgets/id/w7WPZ4l2/users/ Frame 7478 31 KB
7 KB 379ms
378ms Document
text/html 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0b216ee87a644caf3104f2b7bcdfa4f1c983a2eaca2fc735b70a8d9e9fbe59f8

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 6570
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:56 GMT
server: istio-envoy
x-envoy-upstream-service-time: 131

GET
H/1.1 200
OK 00000000.0000000000000 Show response
api.dable.io/widgets/id/3706DvXx/users/ Frame 9221 26 KB
6 KB 461ms
461ms Document
text/html 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0d14b8e10cd57b277f42d921ea10b3cc0f271ebb430ab03e6585751530834576

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 5535
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:56 GMT
server: istio-envoy
x-envoy-upstream-service-time: 232

GET
H/1.1 200
OK 00000000.0000000000000 Show response
api.dable.io/widgets/id/Ql9VZYX4/users/ Frame E67F 6 KB
3 KB 678ms
315ms Document
text/html 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0e63b389b39a6ad92fa2ad6b5a5a29bda0ca175b2e9942ded49973b8cbd35db7

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 2374
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:56 GMT
server: istio-envoy
x-envoy-upstream-service-time: 68

GET
H/1.1 200
OK 00000000.0000000000000 Show response
api.dable.io/widgets/id/WXpMPyoY/users/ Frame AABD 22 KB
5 KB 803ms
356ms Document
text/html 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 5a9ad4cac06401d8e1ecf2f6b89e8e23eddcf165ae21f01f9157468619dc27e6

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 5008
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 09:58:56 GMT
server: istio-envoy
x-envoy-upstream-service-time: 129

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220221113%22,%22u%22:%2200000000.0000000000000%22%7D%7D

0
492 B

711ms
239ms

Image
text/plain

211.249.220.158
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220221113%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220221113%22,%22u%22:%2200000000.0000000000000%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
503 B 80ms
18ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
884 B 1423ms
282ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr/idsync?pid=120&uid=00000000.0000000000000
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13-Nov-2022 18:58:57 +0900
Content-Type: image/gif;
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ 0
609 B 780ms
249ms Image
text/plain 103.243.202.190
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:56 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C662 15 KB
15 KB 27ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 165830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C662 15 KB
15 KB 29ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 473856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7F4 6 KB
3 KB 26ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
700 B 109ms
7ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6834
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303238
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6834 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 771ms
678ms Script
text/plain 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4303238&widget_id=48036&auc_id=&callback=_lgy_lift_callback_4303238&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303238
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 09:58:56 GMT
Via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: q8WC8lNzS4jD-1nz9RrHnrEZUEU317jkrbRdIWe2trmVTwcgkr6aPg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 736ms
673ms Script
text/plain 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4303239&widget_id=48037&auc_id=&callback=_lgy_lift_callback_4303239&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303239
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 09:58:56 GMT
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: aHtGP_tWvmE3R_xo5S25Tdth8ljI7L6l1zRPgt-54vn0HQRpmJaCrQ==

GET
H3 200 /
www.facebook.com/tr/ Frame 7BCE 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2685869604962668&ev=PageView&dl=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&rl=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&if=true&ts=1668333536014&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668333536014.2057579595&it=1668333535829&coo=false&exp=a1&rqm=GET

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Nov 2022 09:58:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
53 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ3GKRX&l=gliaDataLayer&cb=166833

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/tw_starsetn_desktop

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8160d33da742994ee63e5d165cf3605bc8b8ec15f2054c2e0d8f2aef0f5f2de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53880
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/ Frame 58EF
Redirect Chain

https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7
https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=c96ab54d-6339-11ed-a6b3-1348667f0506

0
588 B

29ms
28ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=c96ab54d-6339-11ed-a6b3-1348667f0506
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sun, 13 Nov 2022 09:58:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 38
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sun, 13 Nov 2022 09:58:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?source=283156&sync_limit=7&__user_check__=1&sync_id=c96ab54d-6339-11ed-a6b3-1348667f0506
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 0

GET
H3 200 gliaplayer-dm.js Show response
player.gliacloud.com/p/embed/ 325 KB
99 KB 60ms
35ms Script
application/javascript 2606:4700:3038::6815:eb5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/tw_starsetn_desktop
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b4d2c289fa7f9dbb281f71737ef39faffe1c21eb39d737052e9eff849452b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20676
cf-polished: origSize=333189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
cf-bgj: minify
last-modified: Sun, 13 Nov 2022 04:14:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAwjkHNUVr%2Fb6lxWVF36i4LAgM7X7gcYR8ckUyQJwqPbPPhrRPYon4rSkFqjz2LSs9LdnLGBDCOoGf%2F0aQPsGtsExCoqh2aow%2BSXUdHJU%2B2bR0PRHIT5DH1V1E8j5McfpWnfbzg1qNx8jiid4rYlnLAORA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 408efa415eb792d31896577b683eaada
cache-control: public, max-age=86400
cf-ray: 7696a6d889fa8924-LHR
priority: u=3,i=?0
expires: Mon, 14 Nov 2022 04:14:20 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ Frame 58EF 43 B
201 B 327ms
279ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=loader.init&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=4665296343090528
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F7F4 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsPC5379wY_2lLPzk7_UPnLuNmAnJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSNAk_Q3Y_SpYNTCo_tEFMbPc5Ye3D7qFn8LW-0T_gUeZDDnL_LT8-ULTPjySouv7aXYeMOzg56LP87VhXIjoCG8CIzR9PQuk10trd8PT1TuQyW_uQkR6u00zxF4vgEQW7D_ewrLJaRi63zKN9Ku_I6zPE23IFhWRWysNeqVYI2gN2d-uIgyEzuQArxTOoIkkK7HDDwU5ffBZtQPnPe_MN4FQIdBDVabGVBqPr9h-KpydPCzVyyKlOgzni3GY7iOh-8b_icQt_vC5hL59_vI4UUmhOSwFhkBnNOry8N6B4PgMelO873Arl_9ExxGfljt-av-YqRyjYxeKgos8GBRAb-3NOX_XbLOg6Mc1YpuODg4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjUyMzU2OTU4OTk4OTU0NRjh4Gs&sigh=I_xSLDd4h5g&uach_m=[UACH]&cid=CAQSPwDq26N9PkXQ4Ou7lhnb5YI6ecgddkzBS27cB3_9UZFsYTSWjZelWiEO1v2OkNQ9ql63VNcUinE0BQ3z3Hw3ShgBIBM
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame F7F4 0
0 44ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kZCTFOfCMMoHWp2DYgICAAAAnHWfca_FmDS2FzadEN-_cGOjrr--q1bp_7o52QASAAA&wp=Y3C_3wALEv0Iu_J8AANdnC_82bYNuC9WZaJ4pg

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 284561
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A64B 144 KB
48 KB 124ms
93ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wALEv0Iu_J8AANdnC_82bYNuC9WZaJ4pg&u=%7CTn3fSisJDwBq%2BHsw0rHrtayKFCEZOa0KYHK3C6wLqho%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSH_psvOX1t_f03DoE_bII4RmQ34I_0U2qcD7SqMsJJOPu28-gJP_rTr_yrrnvQNykW56uXR1xiH3XdyalWqjhNBtFDxomuSuKCHQmrM5H-pV-ZpK8igfoXGnaRlKROo3ijJTBf2aus-I8slyOclvkp0-FRPm31_7TtnIqjZ3OrMipUWl4jwW9FIGm09AX_WUjSJY1vXO2ceCidQ20DAW6wgHtvPMWNC-dQrxnUMgm3SefD63xOLCVMM2EMRFbJ9n6sr1DH0tppwIlrsaRtl2asNnhz5d9JJg1TKk0rJPJxY8b4Tu_xnPLDCFAqwMbsfpmy_5CNUwvfAltcvcN-imkCx2sjeUY1utGplJwYpxyt4NCkOE8AaIL5mmWeFA23B80THSG8eFtDq2LE9U_9S_oqcClxNQEaqHjwzcYcupGkcak4QKHobLRCOiQvchcy82CXadPSPamvciMFghZIKr-Jx7rLk_EWpXQB0Xvo6s4fkOeh7Tfy1U3ARXvexcGEJ2rNEWut6tEHLhl8Rb1JA3uxUSUQe__OxBeN8OyD0W-nj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPcL4379wY_2lLPzk7_UPnLuNmAnJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSQAk_Q3Y_SpYNTCo_tEFMbPc5Ye3D7qFn8LW-0T_gUeZDDnL_LT8-ULTPjySouv7aXYeMOzg56LP87VhXIjoCG8CIzR9PQuk10trd8PT1TuQyW_uQkR6u00zxF4vgEQW7D_ewrLJaRi63zKN9Ku_I6zPE23IFhWRWysNeqVYI2gN2d-uIgyEzuQArxTOoIkkK7HDDwU5ffBZtQPnPe_MN4FQIdBDVabGVBqPr9h-KpydPCzVyyKlOgzni3GY7iOh-8b_icQt_vC5hL59_vI4UUmhOSwFhkBnNOry8N6B4PgMelO873Arl_9A5zOGvkOHq8RhaFaeYM3lAhp8s3TijmXmdfwNA5hRCga9ODPPNf9N2L4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XC-QyS8X6sdejPiX2tFI-DsmHdg%26client%3Dca-pub-2523569589989545%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fd52c862b8e1d4414e19fd079b0fa8fb96e96e219c8b58533e75f631317f6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Cz3QQtdP54n_9EJND-4Gdh1mN4sql7SwY5Jukrc0wTONX3NdqNQXAqrb1agZjmbwpCpqvYPUJSIeN4A-eO9j0Qz5u5b8hWhfKQFLPvHGojDQ0n1QK9Y0r3_se6gVQJfGSJMGbz0Xxh4fKVLtxYm9p66qBvC1lLOY7LrZJllRDQufJ90tvqB9ULdn4lAwj8B2ji0GCqSh-vT0fcUE4CdgxS-VRdJzlBUt9gyu6JeWqN422X89wMgcYV4-_ctTLVaw9V6viQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 78567411
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame F7F4 3 KB
1 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame F7F4 18 KB
8 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F7F4 0
0 17ms
16ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4Vz37uCxMdeE6ghQjm1IMxvTIxAnj4Pfx5_QQ4TAuIeBQM9XEml4Sa3_3R2NHsulxtaGWz33RSV86SZuhW8etzxS5UQ
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F7F4 24 KB
7 KB 44ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7F4 154 KB
47 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 258ms
258ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/setn_star.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 13 Nov 2022 10:58:56 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 119 KB
30 KB 1189ms
657ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&&device=pc&media=star.setn.com&extra=windows&agency=bfm&topn=50&ad=20&r_category=all&country=tw&redirect=true&uid=9d644a1bae4cdd602d41668333536071&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9uZXdzLzExODE5MzYiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU1JTkxJUE4JUU3JThFJTg5JUU4JTk0JUJCJUU1JTg1JUE4JUU4JUFBJUFBJUU0JUJBJTg2JUVGJUJDJTgxJUU4JTk0JUEzJUU1JUFEJTlEJUU1JTlBJUI0JUUzJTgwJThDJUU2JTk5JUI2JUU4JThGJUFGJUU3JUI3JThCJUU4JTgxJTlFJUU2JUExJTg4JUUzJTgwJThEJUU1JUE1JUIzJUU0JUI4JUJCJUU4JUE3JTkyJUU3JUFCJTlGJUU2JTk4JUFGJUU1JUE1JUI5JUVGJUJDJTlBJUU2JThGJUFEJUU5JTk2JThCJUU1JUE0JTlBJUU1JUI5JUI0JUU3JTlDJTlGJUU3JTlCJUI4JTIwJTdDJTIwJUU1JUE4JTlCJUU2JUE4JTgyJUU2JTk4JTlGJUU4JTgxJTlFIiwidXNlcl90ZF91cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2P2Zyb209eSZDbGlja0lQPTE5OC41OS4xOTEuMjQ5IiwidXNlcl90ZF9wbGF0Zm9ybSI6IldpbjMyIiwidXNlcl90ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2NjgzMzM1MzYwNzEsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&callback=_p6_97bbeac74932
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/setn_star.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 09b01593a09b647524a0971192bbf8a7ad4164c490b286ad1a9bf033da2c3508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 155 KB
43 KB 511ms
511ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/setn_star.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 366a810ba441442ffcbd5433a3c68c35249fbb5f816291bcc9ba476188b33921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-version-id: e9lBlVGNjJ.yL4pMGlV1hM4.ne0mvBuM
Content-Encoding: gzip
Last-Modified: Fri, 14 Oct 2022 04:18:47 GMT
Server: nginx
ETag: W/"fd54c7a009bed31b94333816b96717da"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 13 Nov 2022 10:58:56 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 806ms
260ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoic3Rhci5zZXRuLmNvbSIsInVybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzYiLCJsb2MiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2P2Zyb209eSZDbGlja0lQPTE5OC41OS4xOTEuMjQ5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDcuMC41MzA0In0=&t=1668333536073
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 747ms
261ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InN0YXIuc2V0bi5jb20iLCJ1cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2IiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF90aXRsZSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNy4wLjUzMDQiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYifQ==&t=1668333536075
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 247ms
231ms Script
text/plain 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4293422&widget_id=25672&auc_id=&callback=_lgy_lift_callback_4293422&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293422
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 09:58:56 GMT
Via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: mP2-o6BnOykJthjtaye1_6YVw86OKupRSqlpruBVqdWg99vV5LnLyw==

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6834
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6834 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2442

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 38BE 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0yfzIpEGtXcjpThP37m4g9MMQeEHhr_nST_N1QOk-1f5kCOYw4aA-vxvAKwqsAdirP-S35OVgMeRkUKMchoqrD3VvD1cEOcmntCpZyKSQNOgxiyFjfYZ8I3j7aTWrHW6QcbhL1VzmR3QZm81wJFOFrUJey9KnY8X4We9x9L4FFaIDEKQQMYDFKl993uU55eCwrYnLnMwbN4bAO6u2DpIAkOPJKiV71A5A5_-88AvbVqG8YCiMJNn6CFL0Knaa8T2D62VQUleFfqfHEzzwpv_pnqBBEc5hi0cQ7a1cP-RorFiiHGBmvOfg2TRwb9EP_ADhM9KqNcKTROE&sai=AMfl-YRBgl_m4U5Tth1Ac-v0-91fKOeck5o28BlFDEu28pyeMi9s1fdoKBoJLXtQJPCG4OOG6MWJXHwpujMA6XFmJyJKZIt7X1As6f3VwX5_dHYx6wAWNdyLZqvgcgpjv23ZIlPN&sig=Cg0ArKJSzCAuvQqJut_REAE&uach_m=[UACH]&adurl=

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 38BE 3 KB
1 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38BE 154 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 975823827725927635
tpc.googlesyndication.com/simgad/ Frame 38BE 77 KB
77 KB 27ms
10ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/975823827725927635

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ac711772c9ce24a45ee87b6f3a920a6b150dc7c5cbef8b5492d1b7b869d8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:00:57 GMT
x-content-type-options: nosniff
age: 71879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78656
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 11:27:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Nov 2023 14:00:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 38BE 0
0 15ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRD68iHy4UWqvLS2soe7_74BmtDRne7cpIftduLhMsuqIPKA2As2GC2zL1lSm51Ee-o7FkL4Cw2F1TpbUfJzrtn1EVXDA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2818 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5WJBGOrfV5A_pl9i9NK7zycaLvfOPJR8IWfLRCIzcv0N1BNO-TsOKKkOUzSeg5FcW5Lq42YQfxvGic5JDmxSHGCV9IeOxvT72mSkR18xIV2LgHw69flRt-sxGVpencClIKmGO21dFgc2OFkjtaf6Bcbn7NQOO8fx3bml_UUvZeEAGkxoOKEfBwhyAHC1UtHGLK4SQwi-tDRndN-TSyLuleXf_SerWzqs0sDfg6LACFDzOSEeaVMSRGaDL60zIJi6g9G0o5JjuR6qbrsTxcv7Ia3AffPwPtfGLanyGLAZ-7mf5gZ2HUVkREglZG2BIwr8d6DUtCgsfbGw&sai=AMfl-YSj7He0BOO2ZFKZ3vMyRAa1tgaKtEWWk_-KwjU968ayZSY_pKK3TZeS5TBwAFHU59kQpEQRHleXLwxRHN8v4jT3pMjzAKCzO5MfM3Kuxar6R_6Crimet9XyHtXWFjz8QKAJ&sig=Cg0ArKJSzOIPuuAKsXmdEAE&uach_m=[UACH]&adurl=

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 2818 3 KB
1 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2818 154 KB
47 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 15172095428934607387
tpc.googlesyndication.com/simgad/ Frame 2818 57 KB
57 KB 21ms
14ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15172095428934607387

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b7d7f9015fcb6dd5066c5065a970e8d3d467756475eb193d7e5647f5ea7cdd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:26:04 GMT
x-content-type-options: nosniff
age: 106372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58743
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 11:29:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Nov 2023 04:26:04 GMT

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8094 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 375F 0
0 47ms
44ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlMrBRNLLyPBoIfDSumH5C3IGbgGBjIWqZIzStROM_0wROJ1EujoRVot8LPvELVGEqjcmKwk5MEUC5giXxDWP25BxKDCmljGu4Ehil8Y38221ju34fZhwvSsIOPlLq82xmHs64f_panh4JrmiLCI7UT9NzXHErY8QBj4JbLBcP7Cti9hzshKJtBogktnsp81GOl9IMba1qDi9LTMMPjp_emdBc6epkMQg3f4Ond1Ja2I0918-x04R7zzdQkCAqCPCYEuZIqji3c5LfO2HgkvpIrPynAAEyBmV9re9QH2sn4F_OMo2JGn-6ilZYPTcLtal9R_xK7wsJkfz5Fxqiww&sai=AMfl-YSF-eq3_S8DOQR3o5S4LSZcBrifiYP5KomlL-3jjlKEuvSPb91qHhBAzK-52b6crTnXu8fgQeyS7A6QnnS106mmB8EyLicm0kt9ukIPFev9gfamhl_n8Hh1GTfFCUr3_Cec&sig=Cg0ArKJSzFpK01bTGmqKEAE&uach_m=[UACH]&adurl=

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 375F 3 KB
1 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 375F 154 KB
47 KB 60ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 2265749936298371865
tpc.googlesyndication.com/simgad/ Frame 375F 135 KB
135 KB 14ms
11ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2265749936298371865

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d013d114dbc16f0cba554581c553d999367a739d6a60bf0c3c4a7463eb923da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 16:12:39 GMT
x-content-type-options: nosniff
age: 150377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138563
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 11:36:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Nov 2023 16:12:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 375F 0
0 17ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXRmk7WRPktiHHLta8ISifUwUXSwOsYiuDG8lCb7V0paM8D86kpGl6TCTVzdseOGxd--kkarabcs4N4Bb8SHg3hF9dPQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 38BE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c47bf24d842f42552e6fa09fc5206bb5014680b92b11f57d7d4e2e1fe85df8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2818 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bfc9ee4b4c849581327cffaa3b10a499181933e5cd11fc3eee2696d74d9e23d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C662 113 B
724 B 37ms
14ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65efdc7a64ca5bcc8cb0369e47a24116557b9c5513e2ce558f7780fd5b092f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C662 29 B
588 B 60ms
15ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:50:09 GMT
x-content-type-options: nosniff
age: 527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 10:05:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A64B 2 KB
1 KB 43ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wALEv0Iu_J8AANdnC_82bYNuC9WZaJ4pg&u=%7CTn3fSisJDwBq%2BHsw0rHrtayKFCEZOa0KYHK3C6wLqho%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSH_psvOX1t_f03DoE_bII4RmQ34I_0U2qcD7SqMsJJOPu28-gJP_rTr_yrrnvQNykW56uXR1xiH3XdyalWqjhNBtFDxomuSuKCHQmrM5H-pV-ZpK8igfoXGnaRlKROo3ijJTBf2aus-I8slyOclvkp0-FRPm31_7TtnIqjZ3OrMipUWl4jwW9FIGm09AX_WUjSJY1vXO2ceCidQ20DAW6wgHtvPMWNC-dQrxnUMgm3SefD63xOLCVMM2EMRFbJ9n6sr1DH0tppwIlrsaRtl2asNnhz5d9JJg1TKk0rJPJxY8b4Tu_xnPLDCFAqwMbsfpmy_5CNUwvfAltcvcN-imkCx2sjeUY1utGplJwYpxyt4NCkOE8AaIL5mmWeFA23B80THSG8eFtDq2LE9U_9S_oqcClxNQEaqHjwzcYcupGkcak4QKHobLRCOiQvchcy82CXadPSPamvciMFghZIKr-Jx7rLk_EWpXQB0Xvo6s4fkOeh7Tfy1U3ARXvexcGEJ2rNEWut6tEHLhl8Rb1JA3uxUSUQe__OxBeN8OyD0W-nj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPcL4379wY_2lLPzk7_UPnLuNmAnJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSQAk_Q3Y_SpYNTCo_tEFMbPc5Ye3D7qFn8LW-0T_gUeZDDnL_LT8-ULTPjySouv7aXYeMOzg56LP87VhXIjoCG8CIzR9PQuk10trd8PT1TuQyW_uQkR6u00zxF4vgEQW7D_ewrLJaRi63zKN9Ku_I6zPE23IFhWRWysNeqVYI2gN2d-uIgyEzuQArxTOoIkkK7HDDwU5ffBZtQPnPe_MN4FQIdBDVabGVBqPr9h-KpydPCzVyyKlOgzni3GY7iOh-8b_icQt_vC5hL59_vI4UUmhOSwFhkBnNOry8N6B4PgMelO873Arl_9A5zOGvkOHq8RhaFaeYM3lAhp8s3TijmXmdfwNA5hRCga9ODPPNf9N2L4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XC-QyS8X6sdejPiX2tFI-DsmHdg%26client%3Dca-pub-2523569589989545%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A64B 2 KB
1 KB 46ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A64B 308 B
636 B 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A64B 293 B
621 B 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame A64B 43 B
348 B 55ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=J_ZjoC2baUd9GNlCru91jJc3IQIItLqUe4E3cq-LUJmjqOWLPaLaDOPrQBS2w9-WeN7GfCvQtTUfJKI_7IRzPpS7zjHYD2x7jlWZpLoEdlBft7FbZwqbb9XoaOa7EU8WVeGr3hRjQIUGp38HUcpQ7iUGOasNHT5nCMgMIiJkThxR8klpDnUeEcdfG5Wd2Uj1vPRudZMDZZ_dFTX0ZxUX8leTNaFW7TIsOnCsL7w8PgMkkmWqap4MlGCSfX1F0KYHN97vS8m3p3rki0G-kWaER5q-zmKaJPnI6USonGmKUVbORTLi1jMZuIE_IDTXIIhdKOSIIy-2g1SGSOQ0XgalSHV-gkQ8cQyiRFLyGys66JA88qn5c7F6yZJGcYpJQxDBOSTw4ZoNzVlZTdtM7wtEQ-JODXgu05D01B1NJWpbEReshFcM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2898945
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame A64B 44 B
755 B 196ms
132ms Image
image/gif 2600:9000:225a:b600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668333535
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wALEv0Iu_J8AANdnC_82bYNuC9WZaJ4pg&u=%7CTn3fSisJDwBq%2BHsw0rHrtayKFCEZOa0KYHK3C6wLqho%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSH_psvOX1t_f03DoE_bII4RmQ34I_0U2qcD7SqMsJJOPu28-gJP_rTr_yrrnvQNykW56uXR1xiH3XdyalWqjhNBtFDxomuSuKCHQmrM5H-pV-ZpK8igfoXGnaRlKROo3ijJTBf2aus-I8slyOclvkp0-FRPm31_7TtnIqjZ3OrMipUWl4jwW9FIGm09AX_WUjSJY1vXO2ceCidQ20DAW6wgHtvPMWNC-dQrxnUMgm3SefD63xOLCVMM2EMRFbJ9n6sr1DH0tppwIlrsaRtl2asNnhz5d9JJg1TKk0rJPJxY8b4Tu_xnPLDCFAqwMbsfpmy_5CNUwvfAltcvcN-imkCx2sjeUY1utGplJwYpxyt4NCkOE8AaIL5mmWeFA23B80THSG8eFtDq2LE9U_9S_oqcClxNQEaqHjwzcYcupGkcak4QKHobLRCOiQvchcy82CXadPSPamvciMFghZIKr-Jx7rLk_EWpXQB0Xvo6s4fkOeh7Tfy1U3ARXvexcGEJ2rNEWut6tEHLhl8Rb1JA3uxUSUQe__OxBeN8OyD0W-nj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPcL4379wY_2lLPzk7_UPnLuNmAnJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSQAk_Q3Y_SpYNTCo_tEFMbPc5Ye3D7qFn8LW-0T_gUeZDDnL_LT8-ULTPjySouv7aXYeMOzg56LP87VhXIjoCG8CIzR9PQuk10trd8PT1TuQyW_uQkR6u00zxF4vgEQW7D_ewrLJaRi63zKN9Ku_I6zPE23IFhWRWysNeqVYI2gN2d-uIgyEzuQArxTOoIkkK7HDDwU5ffBZtQPnPe_MN4FQIdBDVabGVBqPr9h-KpydPCzVyyKlOgzni3GY7iOh-8b_icQt_vC5hL59_vI4UUmhOSwFhkBnNOry8N6B4PgMelO873Arl_9A5zOGvkOHq8RhaFaeYM3lAhp8s3TijmXmdfwNA5hRCga9ODPPNf9N2L4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XC-QyS8X6sdejPiX2tFI-DsmHdg%26client%3Dca-pub-2523569589989545%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: l5pRbIiiRcAjRv8TvFzLISvCIFPxswfz5qXp3jk3pxYHzjo9-qjzQw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 40ms
15ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 13 Nov 2022 09:58:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C662 66 KB
30 KB 38ms
22ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cb81fa74ef83534bd8bd180064d98d45e4c906f26048da854fece3708613b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31012
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame C662 118 KB
36 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 20:07:05 GMT

GET
H3 200 4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js Show response
www.google.com/js/th/ Frame C662 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1262ad3120ef8c2b626be0e70d0f1501ac6338e13634874e69afb698e937fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14246
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 17:54:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame C662 26 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:03:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 00:03:17 GMT

GET
DATA 200
OK truncated
/ Frame C662 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jJSnrZfMCOM6ri36PtfGpD9Mr8GMCfzNd864HuUs_nlYKSsxulY3A0B3hAeAMvynXI_9JlkCFw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C662 3 KB
3 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/jJSnrZfMCOM6ri36PtfGpD9Mr8GMCfzNd864HuUs_nlYKSsxulY3A0B3hAeAMvynXI_9JlkCFw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f61350c8888a7d8365fad31a72f8e316db6237789edad198a258176675f400ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 07:58:01 GMT
x-content-type-options: nosniff
age: 7255
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2671
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 11 Nov 2022 03:51:24 GMT

GET
H2 200 maxresdefault_live.jpg
i.ytimg.com/vi/NA9Jlcekyik/ Frame C662 173 KB
173 KB 54ms
17ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NA9Jlcekyik/maxresdefault_live.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ab4883f3623d0ce25db88d1901ba4d1983219d862fd67055001e1f0163c1510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 176760
x-xss-protection: 0
server: sffe
etag: "1668064977"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 13 Nov 2022 10:03:56 GMT

GET
DATA 200
OK truncated
/ Frame F7F4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf32c22443eb80f8929595fe7ed9cb4ee17cfadf906b15b1036d152a6600a7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8094 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9Qs6379wY7mXNt-O7_UPtvGL-APJntKxXM3x4t2IAcCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJqQJAMbvREFyxPuACAKgDAaoElwJP0GZSmonSe7xdmTpOn8YOT7xSlsNRKvDlq0mjLlls-66v-JC_7R10gplGZdYSs37asdsiEOBn8-FIEGIpmE6l0FuyPBAbWHyVqocHDyohJKD4mGYYSO-b3u1nFTmW7Y9A8Hyegrx918AvsmJ2w6zRTBdt8hmRNk1C8xq9t4pVGCqgkUGjs2lDtxPQJqcHEOO2TUDubkEHbDfIVZDBl8cjG-JvUwqlDJXL1FlyY31EhC9-7fZJCzzdAV6pMccGkIZgmXdvkff7vzYlHk6kQ31M7l1MrndZrTrWjNaw192-qbOGorU49T_xxqIOoiAqjeWSSjchQWpBrJaXQ1YlQCKpXwLhxjOtbgHV3QC76s6XH55T0OLAhLHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03NDE1ODMxNDI4MjAyMTc0GOHgaw&sigh=L1fc0irn9hg&uach_m=[UACH]&cid=CAQSPgDq26N9q5up_dr9_7gfMKwg0-rAvcFnWWNrnM_EFW07cDFnS0yM9Afi6QABJ3Fx4QiIS2_rwKLtjM9brRE4GAEgEw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 8094 0
0 14ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RLAJ9AOdg2ICAgAAANOjIdpU4-hxBKukA7vod08Q379wY3uKs65kqUoQ--_SABIAAA&wp=Y3C_3wANi7kIu8dfAAL4tp4nJcDNc3UtvF9BcQ

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 397791
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6A1D 142 KB
48 KB 111ms
111ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wANi7kIu8dfAAL4tp4nJcDNc3UtvF9BcQ&u=%7CTn3fSisJDwCgMobSJEhC1YiURZlscio06rWewsgSAa8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXE5ihGz2e14vxT7vyE9DxfvV041Kl1BgSlZlIuarGosYIYW21-6acrA3X3NgCl_seaNEDiB_bNdg-lCiGt49Dm-DalYdWzpYMSkoP-6IS_k2F72tz4f5q2aXsN9ES_2Qf-BpSFIOp02gvQ-6y34WAnWRTPOxLba3RKkqi5pbuEaXnVE9vQoQfi6xXtVe_la5-J8e19WjGtf9lFVDhybnnMFglM6RKuUTdD53nwOgq7Mjfp6eUQvEx17twnOqMRtn4PRXi5I53IG5XoR8mwEbhV-eQm27TqrZ6LiK1gFMP5zfUoJumiy6HmDocRClnseGUk770nvzVc1794qckVxV3hJ9-0Th244EWaz7m74U7NRui5vxt13xaEFSnjxcFZkwwPd2w56yEoDseRpWEVhy9Nh4HIB4w52QDlubRclO-y61YmC855VvMssRveutFmqODb0d2AEEJRMzB_YBXihofA-vxSmQxPrBzDsZMHPCmK07D0G0__DdOczxSXBGerfdXiQHqTWeX6IzZfZoAujr0pMfncrlVYOCCJjvzw90dnl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_qux379wY7mXNt-O7_UPtvGL-APJntKxXM3x4t2IAcCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJqQJAMbvREFyxPuACAKgDAaoEmgJP0GZSmonSe7xdmTpOn8YOT7xSlsNRKvDlq0mjLlls-66v-JC_7R10gplGZdYSs37asdsiEOBn8-FIEGIpmE6l0FuyPBAbWHyVqocHDyohJKD4mGYYSO-b3u1nFTmW7Y9A8Hyegrx918AvsmJ2w6zRTBdt8hmRNk1C8xq9t4pVGCqgkUGjs2lDtxPQJqcHEOO2TUDubkEHbDfIVZDBl8cjG-JvUwqlDJXL1FlyY31EhC9-7fZJCzzdAV6pMccGkIZgmXdvkff7vzYlHk6kQ31M7l1MrndZrTrWjNaw192-qbOGorU49T_xxqIOoiAqjeWSCDUA0-3OMIUo30KGkB8Ppwv1zIWnQBlXaciGTDwoAbJLVUhElw7JptfgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JGH4XaY4kLT-NNYp6iX6rke64HA%26client%3Dca-pub-7415831428202174%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2679a5543d689ad417b6658cf46ad70d940762842a90435d3543ebe79c7c1a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2Vc_8ddP54n_9EJNiJjrqv8LJALAG10JM2KA2SFwmGefvOW8yLGFKSbyfVBw0gnTZr6W-OUaEyXxFFiFEUbQtyKfnw8FgpR-PmWTlVf0Z28JnP6iJlXOwyPA-j4x6koNkUJNL85VKlk5xsPFbdKOs_OVUcKp-2dNFFX_hMG8kJuSrjIVMQar4pY6v8kEaOFA-ncofOsPRTUPzCHENe3elxylGOIilszX-ZRQrlxJHXYqBCiIk8sUfriZ0K8VJi0U5loG1g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 92229852
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 8094 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 8094 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8094 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8094 154 KB
47 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 7478 830 B
852 B 8ms
7ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: sqefXKKZut4R2qR5lqBr0nSjDUJXu83C
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 10 Apr 2022 22:35:09 GMT
Server: nginx/1.20.0
x-amz-request-id: CCXNZ11WX9DCSFGM
ETag: "9b3834ee614ba231efec8c8aafe8b092"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: oFuXg95UkfHMxmZr+yiqXue+HL0oEHYohBmaIHy+mLmj7fUV5NaqDBG2I8bPV/qJDWfW7MCqhtk=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame 7478 73 KB
10 KB 17ms
7ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: vhEKAQMtMwHCbv1zntOLld7ykyHm2Ieo
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GSJ3XSS7B7MSGG
ETag: "b21f082c8bf7c670dc2314e542e4dcd4"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10090
x-amz-id-2: CV49zchxyfrJ7A0uDlnesP8HJgUzPO5F5jg+mvemxg6m3fTF41RU5lMczudu2y1+N0FssM5UFFQ=

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011031349112/3x/ Frame 7478 27 KB
28 KB 68ms
7ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011031349112/3x/16by10
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 0f78fe76350f763d3ba780e0e1bd25414ed8d55276a5c419c22d10ba750dac7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Jx_EYJ3YwZMJnGH2toD9Pv6N_vefafkk
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: VXKMG0B56TCM4NG0
Connection: keep-alive
Content-Length: 27579
x-amz-id-2: uWh+A5Yw74bfdIohLOaCiLv+tT5eQPBtZze46YbB4o7ktdOvxq1df4/IdQODoT9tuR8WjyxV9SU=
Last-Modified: Tue, 11 Oct 2022 03:16:20 GMT
Server: nginx/1.20.0
ETag: "9bd8a2e9b6950f80e44abe681202a7b1"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/74d/ Frame 7478 19 KB
19 KB 68ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/74d/c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2203ed6fcf532e8035b03fb2bd0f913eac59636dd1fcd3495829b7d9653a4286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: EOS33tqfVsgDilVkq1_AVLz9gOxvKvR0
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: 7P9VWXAWQZJ39W6V
Connection: keep-alive
Content-Length: 18987
x-amz-id-2: 5KvOwLakRwThohJsQj4peTaBRTejTq+TggcYrkJRxpfzx+DOnzLohWvjbYZjKjrGSamFGmvFHCM=
Last-Modified: Sun, 13 Nov 2022 06:49:09 GMT
Server: nginx/1.20.0
ETag: "23be7e9602d0720bc47c6f3836271c41"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011031016302/3x/ Frame 7478 18 KB
19 KB 69ms
8ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011031016302/3x/16by10
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2fb2848b49479ff8bfab46cbdfdd0b8d929c295fa5ad20270a668a133d3f27a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: TdCPAo8DErDSrwf3orS2QXSQ1G8GARnv
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: PMKYF81P0RB21QMN
Connection: keep-alive
Content-Length: 18776
x-amz-id-2: RHrIvcq4u3cEkPpEZog/j0NwnW7NFHzO7ubNXkFoEhBwoN2CDqf1VPeEBSVnL3yR0o3wiGA5Tq0=
Last-Modified: Tue, 11 Oct 2022 03:16:21 GMT
Server: nginx/1.20.0
ETag: "5eb951ff63ef8c128b6588dc624624e0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/a6d/ Frame 7478 39 KB
39 KB 68ms
7ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/a6d/8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 9bb7d289ee069435c87b7952e8e218726d934e5d2d2fd55b66ad5a317c87dfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _rUyfEUWjbysTGjrA4M1QXj6TbEglEzX
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: AGRGKMF5KSGJT1BC
Connection: keep-alive
Content-Length: 39682
x-amz-id-2: qHF31Bsmr02q9kgohPh5xhXJZ8pFI82jpAENw0FjxD9RKdZZNro5clzJp7vEhPKyPUZh3Ed1kDs=
Last-Modified: Sun, 13 Nov 2022 01:37:47 GMT
Server: nginx/1.20.0
ETag: "32acfa95e3f24d6796edba0ae490ee4f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 18f7d30b56b84e589b59bc26b001fbb5abb56.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/59c/ Frame 7478 21 KB
22 KB 75ms
15ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/59c/18f7d30b56b84e589b59bc26b001fbb5abb56.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 87755f241d10ae4ef67d080f39e282796b5cc86a9685396e66975977ea695cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: yShmpsD7uodKsuS7YPaaBd4HeBsuv4qL
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: D96RVRKE3MEAA152
Connection: keep-alive
Content-Length: 21841
x-amz-id-2: 6wqF4f4tPf5/taaC2KbNuU+KRojHNER583GtI1OaD9EP7owtKokXLRF/57zurR3PT4rYtCZ7N4I=
Last-Modified: Sun, 13 Nov 2022 07:13:15 GMT
Server: nginx/1.20.0
ETag: "acc2e93d9b0eff8244ec216b03871775"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 7478 83 B
611 B 12ms
11ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 7478 95 KB
33 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 09:44:12 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 7478 55 KB
18 KB 12ms
10ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 701dd48c67a7d58eb2fb2751ee7d3e72e35b2b4a0600dc7eebaf4e413e2439fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 8arvkVhdyuo1uPGOTQJEaJtxuMPBQXZ_
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 16 Oct 2022 23:21:52 GMT
Server: nginx/1.20.0
x-amz-request-id: BMK2EW8SR0T5QT9S
ETag: "621af62e834f0cbb9166ab5b9e710b9f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17608
x-amz-id-2: YjIm4bDSL8rrUmJ9Vtp0RhJCYrK2vZfZu6DmU63jByeowununrMM9qpriGqbAUH/b4fVoy+dvZQ=

GET
H3 200 gliaplayer-dm.css
player.gliacloud.com/p/embed/ 25 KB
5 KB 28ms
27ms Stylesheet
text/css 2606:4700:3038::6815:eb5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.80
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2bf97ae5e4b1ad85644f41bc9e515b6b742bd413b8dccc1291050026225b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20674
cf-polished: origSize=25853
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
cf-bgj: minify
last-modified: Sun, 13 Nov 2022 04:14:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6sTWY3leHESMwiZv3pqAYYUYf%2B6J%2BjvZsb0mgxCRR1NXaryAosiLOeXX1ywneh0BIwQpIc5aXfLL%2BbbpPz22qCpEg2gfC27p2pb4No0Nzs0OrYu89NDNFGrTJoVwdYM2IKwtukb%2ByZnhc0NLHASjnVu%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 8a456e8c1c89fe4b59f934369d8fe505
cache-control: public, max-age=86400
cf-ray: 7696a6da8c5e8924-LHR
priority: u=0,i=?0
expires: Mon, 14 Nov 2022 04:14:22 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 287ms
270ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=player.init&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=3671073435968559.5
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 star.setn.com.my%7CDailyMotion Show response
player.gliacloud.com/article/ 5 KB
2 KB 61ms
37ms Fetch
application/json 2606:4700:3038::6815:eb5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/article/star.setn.com.my%7CDailyMotion
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6417540f542003ef58a3e2d90ca762c9e4a7e403b75d6e5cb2f6e1643d857048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
last-modified: Sun, 13 Nov 2022 09:42:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB5rFGzokrZ1mAzZBeZm576ddFMLUzH3zQM6%2B9eKELzxam%2FFEi5FO9yeq3mSV%2FkmOG6GEtj%2BhDgUx91G0PSggoxmfXdLQxgLZywmeDmrl0aHhSfl%2FlOno%2FXk9PPSi4zRD1dadur4Bs5eCq7FmPo5ME9gaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: bb767c1f3f6d00751586aba61e9c29a6
cache-control: public, max-age=900
cf-ray: 7696a6dabf6c769e-LHR
priority: u=1,i=?0
expires: Sun, 13 Nov 2022 10:01:47 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A64B 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A64B 7 KB
7 KB 108ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29706282
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7142
expires: Mon, 23 Oct 2023 05:43:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A64B 2 KB
2 KB 119ms
28ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479176
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A64B 2 KB
2 KB 107ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoExyte-Management-GmbH-213960DE.gif%3Feb%3D1&v=3&w=400&s=wc_qkiw2xZropug7jkn2H9uR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A64B 1 KB
2 KB 120ms
28ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FW%2FlogoWieland_Electric_GmbH_30129DE.gif%3Feb%3D1&v=3&w=400&s=innJkep_3Xxbis3N2czGkYtb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425762
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A64B 617 B
874 B 120ms
28ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoManz-AG-93428DE-2104150957.gif%3Feb%3D1&v=3&w=400&s=GEIkwWlh5WK0RZ-M1EKwWhRU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1b130abb9f803a330d2995975d403ed0b6ec0bce34f4028bf4ba61c1ca269a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 617
expires: Sun, 13 Nov 2022 09:58:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A64B 0
128 B 53ms
15ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Cz3QQtdP54n_9EJND-4Gdh1mN4sql7SwY5Jukrc0wTONX3NdqNQXAqrb1agZjmbwpCpqvYPUJSIeN4A-eO9j0Qz5u5b8hWhfKQFLPvHGojDQ0n1QK9Y0r3_se6gVQJfGSJMGbz0Xxh4fKVLtxYm9p66qBvC1lLOY7LrZJllRDQufJ90tvqB9ULdn4lAwj8B2ji0GCqSh-vT0fcUE4CdgxS-VRdJzlBUt9gyu6JeWqN422X89wMgcYV4-_ctTLVaw9V6viQ&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A64B 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A64B 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 375F 0
0 68ms
46ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfLXYbdalvA14ystfowOkD1km4SXd6v7AHjWE8hlx9YuVjQgCFWFxMxM4sON_FWwBrjfB32x3NQ6r3v7GGoB9lADaFnUfJE9PbNrBTpd4KgqsXgu3jN4jzzk7rRZhI7RENeJgV5wVlOWHYnfwl-mFAVYPUeYHaz27_w19ClsaMRqZ41D_-SNRLOhBcGjpYJVPoXRWmRR6r1_H-PkLhgVLqVZu3iWXTBFHQPcGqUdGBCfpw2MJc3goBeLJf9-NzxpDDfzjJU5GroFr-KZdayZyaPvzlu4VdYDlQBAUWp_dNjsI9YK1W7prwAX7W__6hVRGmbzJaQeOfBmpLZP49EkWa&sai=AMfl-YRj1H8bgbc5MV0888FwYSl6_RPd4IdrPYk78u9BokKR0JNvTLdf_ffLWRsrNV5gVAHY7kENODcu754xSoXrProGVh5z6IuBi-CK33W-38uXiqX-TkbONT_UJXxjmK3SOoYN&sig=Cg0ArKJSzCHYui2l5OqSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 9221 830 B
852 B 9ms
8ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: sqefXKKZut4R2qR5lqBr0nSjDUJXu83C
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 10 Apr 2022 22:35:09 GMT
Server: nginx/1.20.0
x-amz-request-id: CCXNZ11WX9DCSFGM
ETag: "9b3834ee614ba231efec8c8aafe8b092"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: oFuXg95UkfHMxmZr+yiqXue+HL0oEHYohBmaIHy+mLmj7fUV5NaqDBG2I8bPV/qJDWfW7MCqhtk=

GET
H/1.1 200
OK widget.v2.min.css
static.dable.io/dist/ Frame 9221 13 KB
4 KB 10ms
9ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.v2.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: i1vBFAb888FUxvTqQ.wEtcmM5r9D8F30
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GPB0KH3X70A3NC
ETag: "229cc68f6258d0aa0bef6b143d748991"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3373
x-amz-id-2: DVlYRSu7cXPH2d7rAIquNBLLLChGnH4a06ClpLZanXkHTaNJjMyCcmlHv1VwyzpvfV36Vbc6r2o=

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011031349112/3x/ Frame 9221 27 KB
28 KB 9ms
8ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011031349112/3x/16by10
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 0f78fe76350f763d3ba780e0e1bd25414ed8d55276a5c419c22d10ba750dac7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Jx_EYJ3YwZMJnGH2toD9Pv6N_vefafkk
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: VXKMG0B56TCM4NG0
Connection: keep-alive
Content-Length: 27579
x-amz-id-2: uWh+A5Yw74bfdIohLOaCiLv+tT5eQPBtZze46YbB4o7ktdOvxq1df4/IdQODoT9tuR8WjyxV9SU=
Last-Modified: Tue, 11 Oct 2022 03:16:20 GMT
Server: nginx/1.20.0
ETag: "9bd8a2e9b6950f80e44abe681202a7b1"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011034659262/3x/ Frame 9221 33 KB
34 KB 10ms
9ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011034659262/3x/16by10
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 7c74ff68c718ab5620c7ddf97bbed63e90938647ea09ccebba43a3e97f22a18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: v48AAkwy9jr0tntBohBhgHL7QUXR2X1_
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: A8RGPC1CXDNQPAVS
Connection: keep-alive
Content-Length: 33823
x-amz-id-2: cGi3P8ySz5tj2SOMaT7AV0HACl6ZIPp6MP5i5MECIOMXliQql41z4b+r/6TeU84utPtvTmhpfwE=
Last-Modified: Tue, 11 Oct 2022 03:56:19 GMT
Server: nginx/1.20.0
ETag: "a0369b16bc566e65301f624156191922"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 90e32c0b6c1b4e2c42346d3667dc6d029019f.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/58e/ Frame 9221 32 KB
32 KB 10ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/58e/90e32c0b6c1b4e2c42346d3667dc6d029019f.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 01fdceb9c31d9dc6f0f54c522f78cd14793dc6d5c25dfc9012bd5277180b7833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Vztn5P6nSCG4l_PfE7usCt15ossSh0q6
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: PYXA6VTRTK926DD8
Connection: keep-alive
Content-Length: 32557
x-amz-id-2: 9ltH3QERft0p5wiZF0YyB1zB2YBcKxNUS3iWzB7uGBeJSER1doqtc8fxiHn/IcYinyCrVfcxgH0=
Last-Modified: Sat, 12 Nov 2022 13:45:50 GMT
Server: nginx/1.20.0
ETag: "1e67429670c7d78b250754ab1e66a739"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 9221 83 B
611 B 11ms
10ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9221 95 KB
33 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 09:44:12 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 9221 55 KB
18 KB 10ms
8ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 701dd48c67a7d58eb2fb2751ee7d3e72e35b2b4a0600dc7eebaf4e413e2439fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 8arvkVhdyuo1uPGOTQJEaJtxuMPBQXZ_
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 16 Oct 2022 23:21:52 GMT
Server: nginx/1.20.0
x-amz-request-id: BMK2EW8SR0T5QT9S
ETag: "621af62e834f0cbb9166ab5b9e710b9f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17608
x-amz-id-2: YjIm4bDSL8rrUmJ9Vtp0RhJCYrK2vZfZu6DmU63jByeowununrMM9qpriGqbAUH/b4fVoy+dvZQ=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 38BE 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRn48DHg3U9qkCirF6vB5Gn-S9IH04iqAgXVsRxf2h1zjpRFUy_zyly4JDReSr7xKMkmNWCrlPX0VN5IG99mmXfgrOfBGRCizm_6DRXNcEWiUpxsLz-dHspIgc-0RYW8u-3URSObQVYn2gvsZNTV7K_A7RYIQkI0iUfObRX9O0e16SBjIDeGoE9jf_42QGmffGXMGkySDupzj_6IRpZ3JTcK1yy76IaKjL9CJ5JOsOm2G6aovQ16GCSZ1b--IWm5HZvtiQ2OKRRdv_okWHyvoZ5tc048eaDA9j_E5dd1D7dQfW6tYJdz55fgvLXhkQZRV_4gI7CXGy5xclDQ&sai=AMfl-YThCs9xmFx34YisTYtDBZ90dAqP_eSalxXnNwDEJzdyvGZYv2JD3SOijCqCO0ZhDSlhXDrhputDR14Lx4yLORt-Keac6NLb7wNGvIa_G8U-f8MMlEGBztnN5z_CqZjVUo0t&sig=Cg0ArKJSzMfkU7Q2hWxlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2818 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv74aSirn-raTR7ESRxL4dLRvHiTwwqvc_sRBhgyCN8cVYhNHLBMXWM-P9PvP1vLhlpkSY46IdBlRcY8qK8yJEQMsJTY1388lMjyZK1bsVPRMp9tLTEP9-vidOkwN-lUD2Y06xaGWE7sQlQE0crsbq4XIuwViHQLPgO69QOnYaRgOA5sdwTkTFmO9pxz2zBdzHmo9UVOol0ksQRISAzd7L5iHy-2EEhz6MaGftk4qXBYobG8YCqWInr9G4ZfCs5HQzFDDSaH0fkErHacKGVw-UxoyEcfXuVXufbJ-p3yFZ2-04NNdhn0mprdgTnUh8CIgXSblorpspoBKFa0A&sai=AMfl-YSaI6w_JXyfiLBngK3Ep0p5IssQtedlHfH-KTkwld9_NMERChjYhT4xRXiV5Exjln6XNPiHuLfcDYvR-XEHhn6218Mxin28qEIzjWzUj_de7blvcpiVZH1ACBYI2al855vW&sig=Cg0ArKJSzE9qZXA0q8DtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
562 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 08:24:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 css
fonts.googleapis.com/ 117 KB
33 KB 34ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap&subset=chinese-traditional

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:51:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
636 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:23:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
367 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.css?v=0.3.80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:58:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 09:58:56 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C662 90 B
134 B 20ms
19ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f6c02abdfc91241a2d141f9ea82c1266a94e382ae3fa942805867f66c8720db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 13 Nov 2022 09:58:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6A1D 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wANi7kIu8dfAAL4tp4nJcDNc3UtvF9BcQ&u=%7CTn3fSisJDwCgMobSJEhC1YiURZlscio06rWewsgSAa8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXE5ihGz2e14vxT7vyE9DxfvV041Kl1BgSlZlIuarGosYIYW21-6acrA3X3NgCl_seaNEDiB_bNdg-lCiGt49Dm-DalYdWzpYMSkoP-6IS_k2F72tz4f5q2aXsN9ES_2Qf-BpSFIOp02gvQ-6y34WAnWRTPOxLba3RKkqi5pbuEaXnVE9vQoQfi6xXtVe_la5-J8e19WjGtf9lFVDhybnnMFglM6RKuUTdD53nwOgq7Mjfp6eUQvEx17twnOqMRtn4PRXi5I53IG5XoR8mwEbhV-eQm27TqrZ6LiK1gFMP5zfUoJumiy6HmDocRClnseGUk770nvzVc1794qckVxV3hJ9-0Th244EWaz7m74U7NRui5vxt13xaEFSnjxcFZkwwPd2w56yEoDseRpWEVhy9Nh4HIB4w52QDlubRclO-y61YmC855VvMssRveutFmqODb0d2AEEJRMzB_YBXihofA-vxSmQxPrBzDsZMHPCmK07D0G0__DdOczxSXBGerfdXiQHqTWeX6IzZfZoAujr0pMfncrlVYOCCJjvzw90dnl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_qux379wY7mXNt-O7_UPtvGL-APJntKxXM3x4t2IAcCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJqQJAMbvREFyxPuACAKgDAaoEmgJP0GZSmonSe7xdmTpOn8YOT7xSlsNRKvDlq0mjLlls-66v-JC_7R10gplGZdYSs37asdsiEOBn8-FIEGIpmE6l0FuyPBAbWHyVqocHDyohJKD4mGYYSO-b3u1nFTmW7Y9A8Hyegrx918AvsmJ2w6zRTBdt8hmRNk1C8xq9t4pVGCqgkUGjs2lDtxPQJqcHEOO2TUDubkEHbDfIVZDBl8cjG-JvUwqlDJXL1FlyY31EhC9-7fZJCzzdAV6pMccGkIZgmXdvkff7vzYlHk6kQ31M7l1MrndZrTrWjNaw192-qbOGorU49T_xxqIOoiAqjeWSCDUA0-3OMIUo30KGkB8Ppwv1zIWnQBlXaciGTDwoAbJLVUhElw7JptfgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JGH4XaY4kLT-NNYp6iX6rke64HA%26client%3Dca-pub-7415831428202174%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6A1D 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6A1D 308 B
636 B 18ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6A1D 293 B
621 B 17ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:56 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 6A1D 43 B
347 B 21ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=H6TeUgJ6N5xdH3oldp0yrA2cxHUzDAlgE6gZdCVLKumClpArwK0xUPedj1CsxjizeIe0uS2pehcHFrejOdm4k8IuRq-wRvP8Dufw1dUBCRG0a4mPeABw6L_Qmy8VVdycMFOMEM7jBOIcF6D4wnSeBL_JT2BCXQ28FEPKUvFfcbwtm4Nqkmy5Xf1ND1Rh-YUC1QpUr8GQR4Qm5gFdPnAazhReL1G_X2aAyg0SHnP8tY2_rQANoNM7ZuhSRi4qcMSGfXC0wnU5Z6T36XXdPg253I5oZxwECTdmmQfw-T6qsuNx77p8qjI4skRxaospPASiT7wgkRupmQah2mufk6yWg5yNdZ99zbx924tOlC3cV9Zvp3IEvnkU-itOzRA0sxfY10ksn7duqBdaCieiJ4ytoaPlfevqDT5pGkjx3t-KXpyxOoUc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3210004
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6A1D 44 B
754 B 134ms
131ms Image
image/gif 2600:9000:225a:b600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668333536
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_3wANi7kIu8dfAAL4tp4nJcDNc3UtvF9BcQ&u=%7CTn3fSisJDwCgMobSJEhC1YiURZlscio06rWewsgSAa8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXE5ihGz2e14vxT7vyE9DxfvV041Kl1BgSlZlIuarGosYIYW21-6acrA3X3NgCl_seaNEDiB_bNdg-lCiGt49Dm-DalYdWzpYMSkoP-6IS_k2F72tz4f5q2aXsN9ES_2Qf-BpSFIOp02gvQ-6y34WAnWRTPOxLba3RKkqi5pbuEaXnVE9vQoQfi6xXtVe_la5-J8e19WjGtf9lFVDhybnnMFglM6RKuUTdD53nwOgq7Mjfp6eUQvEx17twnOqMRtn4PRXi5I53IG5XoR8mwEbhV-eQm27TqrZ6LiK1gFMP5zfUoJumiy6HmDocRClnseGUk770nvzVc1794qckVxV3hJ9-0Th244EWaz7m74U7NRui5vxt13xaEFSnjxcFZkwwPd2w56yEoDseRpWEVhy9Nh4HIB4w52QDlubRclO-y61YmC855VvMssRveutFmqODb0d2AEEJRMzB_YBXihofA-vxSmQxPrBzDsZMHPCmK07D0G0__DdOczxSXBGerfdXiQHqTWeX6IzZfZoAujr0pMfncrlVYOCCJjvzw90dnl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_qux379wY7mXNt-O7_UPtvGL-APJntKxXM3x4t2IAcCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJqQJAMbvREFyxPuACAKgDAaoEmgJP0GZSmonSe7xdmTpOn8YOT7xSlsNRKvDlq0mjLlls-66v-JC_7R10gplGZdYSs37asdsiEOBn8-FIEGIpmE6l0FuyPBAbWHyVqocHDyohJKD4mGYYSO-b3u1nFTmW7Y9A8Hyegrx918AvsmJ2w6zRTBdt8hmRNk1C8xq9t4pVGCqgkUGjs2lDtxPQJqcHEOO2TUDubkEHbDfIVZDBl8cjG-JvUwqlDJXL1FlyY31EhC9-7fZJCzzdAV6pMccGkIZgmXdvkff7vzYlHk6kQ31M7l1MrndZrTrWjNaw192-qbOGorU49T_xxqIOoiAqjeWSCDUA0-3OMIUo30KGkB8Ppwv1zIWnQBlXaciGTDwoAbJLVUhElw7JptfgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JGH4XaY4kLT-NNYp6iX6rke64HA%26client%3Dca-pub-7415831428202174%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: zYrUZoOvis7dmL784T5PhpSDGfEyfqY0EYOD46TFQZNPRw1XyCAuYA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 4F67 495 B
664 B 727ms
237ms Document
text/html 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sun, 13 Nov 2022 09:58:57 GMT
etag: "636e6da0-1ef"
last-modified: Fri, 11 Nov 2022 15:43:28 GMT
server: nginx

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 1E2F 495 B
666 B 724ms
236ms Document
text/html 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4303239
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sun, 13 Nov 2022 09:58:57 GMT
etag: "636fdcdd-1ef"
last-modified: Sat, 12 Nov 2022 17:50:21 GMT
server: nginx

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58EF 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6oBrCFB5Ln2Rex6KUJ23uf0oCeqyJeb8Nv1KbJqEJOl30SCz_jQEN_ZTZNG7qziwysMKS1b1gp6HqnN1IthQal8j_rpbpQZzNQew4b_6Lje0mYx_Uo-HfZQPu8z6uN2c7B5zLCyh7udfJ1GCk3X1hWlJrzuYBPGKmBAQTwvXsmHxZ6iazU9DyCZAMdYaKh12b8cUcvJoVWnTr7TwX0mcZ3kAVarhnGvmcU6y429ehFeV4EpCaRZVZ84u4QbZBHJIQtyCxW_Hw-KFGqtZR86vetNhBjtKXDgNLCw_IxQLbHI2U0Mfvxh81J6QDgOZsSVHpt9rkTQ7S9eKYN8y87_ayLwtD&sai=AMfl-YSWzyhVaeygEdmlz8aHd1Sz9XuL1y6UlSWS-vhNk_cq0P6iMuWoADD-1q8PUTwQ7TnhYmxYkXutPz3RhkHSE3naqW3D4vjwSPNXdesOMjVxSrIJtF39aeiU70tyT_eSnXS1&sig=Cg0ArKJSzN521u84gyazEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:56 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame C662 55 KB
21 KB 113ms
113ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

accc03e429ddb0f993efcdf689adefff20bbd78701c2631f3da650a336b221a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221106.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21633
x-xss-protection: 0

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame E67F 830 B
852 B 31ms
30ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: sqefXKKZut4R2qR5lqBr0nSjDUJXu83C
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 10 Apr 2022 22:35:09 GMT
Server: nginx/1.20.0
x-amz-request-id: CCXNZ11WX9DCSFGM
ETag: "9b3834ee614ba231efec8c8aafe8b092"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: oFuXg95UkfHMxmZr+yiqXue+HL0oEHYohBmaIHy+mLmj7fUV5NaqDBG2I8bPV/qJDWfW7MCqhtk=

GET
H/1.1 200
OK widget.v2.min.css
static.dable.io/dist/ Frame E67F 13 KB
4 KB 32ms
31ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.v2.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: i1vBFAb888FUxvTqQ.wEtcmM5r9D8F30
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GPB0KH3X70A3NC
ETag: "229cc68f6258d0aa0bef6b143d748991"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3373
x-amz-id-2: DVlYRSu7cXPH2d7rAIquNBLLLChGnH4a06ClpLZanXkHTaNJjMyCcmlHv1VwyzpvfV36Vbc6r2o=

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame E67F 95 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 09:44:12 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame E67F 55 KB
18 KB 20ms
7ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 701dd48c67a7d58eb2fb2751ee7d3e72e35b2b4a0600dc7eebaf4e413e2439fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 8arvkVhdyuo1uPGOTQJEaJtxuMPBQXZ_
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 16 Oct 2022 23:21:52 GMT
Server: nginx/1.20.0
x-amz-request-id: BMK2EW8SR0T5QT9S
ETag: "621af62e834f0cbb9166ab5b9e710b9f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17608
x-amz-id-2: YjIm4bDSL8rrUmJ9Vtp0RhJCYrK2vZfZu6DmU63jByeowununrMM9qpriGqbAUH/b4fVoy+dvZQ=

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 1A3C 495 B
664 B 643ms
237ms Document
text/html 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293422
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sun, 13 Nov 2022 09:58:57 GMT
etag: "636e81aa-1ef"
last-modified: Fri, 11 Nov 2022 17:08:58 GMT
server: nginx

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 409967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:06:09 GMT

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49EF 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F496 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9278 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7984 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B1C 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_C2dfpGZRK90w9Kqhm_clG-ZN9-wElwD8YwmsOa9uqJbQJqP7iB-ONhC4Hql02_erP9paeG7wVyiJPPb4E96qzd5IZZbynjbCmxcbtB4qhYrCb9vyphH_YGXhO6zGqTvPUwQyD83GKYlXzCW4OCrp6vPWPmLQfayIn3jJQsYxsLWN0xjRHthPPN54KECHpaNg-BNc-n0hQzZPXQA0utrdY3MLGq6yZ7djekc6eyShcG2Cj2EHC1Gq5iQE91mq5zZiVwpjXsBh4nzjJzrvhFz0o8tvGs85IjswSYsba4oxi_aa1veuyvu6X2WeUjQy0cPIvInCoe3efVNFh9FzEO_tD47_R0F6&sai=AMfl-YSqOF2Em1NIP4kGD9gFqpt4HqLDoHGc5wm9-oSZJ9WEtvmQDpX6EXeRAgWAn2PKai7KGl8V5o7Ck9Atb1QraKCIFFkSZnZWpUwWQ37IoQzQ2tdKvi0ajU58V338wK-Mh9tT&sig=Cg0ArKJSzN3IrP3op1OpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ Frame 9B1C 76 KB
16 KB 241ms
240ms Script
text/javascript 18.181.126.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293419
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.126.176 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-126-176.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bdb688e68d6d2d262aff549485e3e4d7ee0bec2d9d9e767a39e4105d8c4afcd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B1C 154 KB
47 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 29ED 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7EF 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:55 GMT
expires: Mon, 13 Nov 2023 09:58:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 7478 661 B
1 KB 9ms
8ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: null
Date: Sun, 13 Nov 2022 09:58:56 GMT
x-amz-request-id: 16DB178742EEC089
Connection: keep-alive
Content-Length: 661
x-amz-id-2: zEYBbuAR9Qv465XZzNopbYoH3t8enMToI1eVKNd34kvlV8lBw6P9XxaNRSwsqJrgjR7RLeUFdas=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
ETag: "2260fca7dca92761058aace21a176daa"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9723 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://star.setn.com
Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://star.setn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:56 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame AABD 830 B
852 B 8ms
7ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: sqefXKKZut4R2qR5lqBr0nSjDUJXu83C
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Sun, 10 Apr 2022 22:35:09 GMT
Server: nginx/1.20.0
x-amz-request-id: CCXNZ11WX9DCSFGM
ETag: "9b3834ee614ba231efec8c8aafe8b092"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: oFuXg95UkfHMxmZr+yiqXue+HL0oEHYohBmaIHy+mLmj7fUV5NaqDBG2I8bPV/qJDWfW7MCqhtk=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame AABD 73 KB
10 KB 8ms
8ms Stylesheet
text/css 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: vhEKAQMtMwHCbv1zntOLld7ykyHm2Ieo
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:56 GMT
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GSJ3XSS7B7MSGG
ETag: "b21f082c8bf7c670dc2314e542e4dcd4"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10090
x-amz-id-2: CV49zchxyfrJ7A0uDlnesP8HJgUzPO5F5jg+mvemxg6m3fTF41RU5lMczudu2y1+N0FssM5UFFQ=

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011031016302/3x/ Frame AABD 18 KB
19 KB 11ms
9ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011031016302/3x/16by10
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2fb2848b49479ff8bfab46cbdfdd0b8d929c295fa5ad20270a668a133d3f27a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: TdCPAo8DErDSrwf3orS2QXSQ1G8GARnv
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: PMKYF81P0RB21QMN
Connection: keep-alive
Content-Length: 18776
x-amz-id-2: RHrIvcq4u3cEkPpEZog/j0NwnW7NFHzO7ubNXkFoEhBwoN2CDqf1VPeEBSVnL3yR0o3wiGA5Tq0=
Last-Modified: Tue, 11 Oct 2022 03:16:21 GMT
Server: nginx/1.20.0
ETag: "5eb951ff63ef8c128b6588dc624624e0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 90e32c0b6c1b4e2c42346d3667dc6d029019f.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/58e/ Frame AABD 32 KB
32 KB 12ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/58e/90e32c0b6c1b4e2c42346d3667dc6d029019f.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 01fdceb9c31d9dc6f0f54c522f78cd14793dc6d5c25dfc9012bd5277180b7833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Vztn5P6nSCG4l_PfE7usCt15ossSh0q6
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: PYXA6VTRTK926DD8
Connection: keep-alive
Content-Length: 32557
x-amz-id-2: 9ltH3QERft0p5wiZF0YyB1zB2YBcKxNUS3iWzB7uGBeJSER1doqtc8fxiHn/IcYinyCrVfcxgH0=
Last-Modified: Sat, 12 Nov 2022 13:45:50 GMT
Server: nginx/1.20.0
ETag: "1e67429670c7d78b250754ab1e66a739"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011033930572/3x/ Frame AABD 36 KB
37 KB 13ms
11ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011033930572/3x/16by10
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 958f3b968255285c5047e47b2b7da8dcec0d61c2606496e900a2a9c73ebba714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: xvZZobfwUt3XzAFwYiQx9o5fV0Mk.F.W
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: R8NB2F1EZR57NEDV
Connection: keep-alive
Content-Length: 36951
x-amz-id-2: +AUaFtMu+z0SpLbh5tk/382cXdhLP0ljMHt3yU7qeMqZ2/8shbG4oZY9gBZxA8OFMc/lr3RgjTE=
Last-Modified: Tue, 11 Oct 2022 03:46:19 GMT
Server: nginx/1.20.0
ETag: "6112356e150ff599171f20791d50282e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/74d/ Frame AABD 19 KB
19 KB 11ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/74d/c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2203ed6fcf532e8035b03fb2bd0f913eac59636dd1fcd3495829b7d9653a4286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: EOS33tqfVsgDilVkq1_AVLz9gOxvKvR0
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 7P9VWXAWQZJ39W6V
Connection: keep-alive
Content-Length: 18987
x-amz-id-2: 5KvOwLakRwThohJsQj4peTaBRTejTq+TggcYrkJRxpfzx+DOnzLohWvjbYZjKjrGSamFGmvFHCM=
Last-Modified: Sun, 13 Nov 2022 06:49:09 GMT
Server: nginx/1.20.0
ETag: "23be7e9602d0720bc47c6f3836271c41"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/a6d/ Frame AABD 39 KB
39 KB 13ms
11ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/a6d/8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 9bb7d289ee069435c87b7952e8e218726d934e5d2d2fd55b66ad5a317c87dfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _rUyfEUWjbysTGjrA4M1QXj6TbEglEzX
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: AGRGKMF5KSGJT1BC
Connection: keep-alive
Content-Length: 39682
x-amz-id-2: qHF31Bsmr02q9kgohPh5xhXJZ8pFI82jpAENw0FjxD9RKdZZNro5clzJp7vEhPKyPUZh3Ed1kDs=
Last-Modified: Sun, 13 Nov 2022 01:37:47 GMT
Server: nginx/1.20.0
ETag: "32acfa95e3f24d6796edba0ae490ee4f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 18f7d30b56b84e589b59bc26b001fbb5abb56.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/59c/ Frame AABD 21 KB
22 KB 23ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/59c/18f7d30b56b84e589b59bc26b001fbb5abb56.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 87755f241d10ae4ef67d080f39e282796b5cc86a9685396e66975977ea695cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: yShmpsD7uodKsuS7YPaaBd4HeBsuv4qL
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: D96RVRKE3MEAA152
Connection: keep-alive
Content-Length: 21841
x-amz-id-2: 6wqF4f4tPf5/taaC2KbNuU+KRojHNER583GtI1OaD9EP7owtKokXLRF/57zurR3PT4rYtCZ7N4I=
Last-Modified: Sun, 13 Nov 2022 07:13:15 GMT
Server: nginx/1.20.0
ETag: "acc2e93d9b0eff8244ec216b03871775"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 70afe8241826053714b4577f906c4180cd998.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/5ae/ Frame AABD 27 KB
28 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/5ae/70afe8241826053714b4577f906c4180cd998.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 11f18b23897d17af52bd234d18155abf2e7248c99f37f90519a2dd3a51a928e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: BX3bsvMOclgf6SApCv6XuRZpCQVPz4tn
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: N8JJ2KYRD9E76E1B
Connection: keep-alive
Content-Length: 28087
x-amz-id-2: 99CRLXzvGjrpl5Cvd/U6E645/L6oXTb9/YvwstmJVYe0SmdgYQEm/9JNuhNtJhUwfT8J/DQea/E=
Last-Modified: Sat, 12 Nov 2022 10:05:40 GMT
Server: nginx/1.20.0
ETag: "52ea76427eb48772fad0d8009d869a6a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame AABD 83 B
611 B 222ms
221ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:57 GMT
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame AABD 95 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 09:44:12 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame AABD 55 KB
18 KB 11ms
8ms Script
application/javascript 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 701dd48c67a7d58eb2fb2751ee7d3e72e35b2b4a0600dc7eebaf4e413e2439fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 8arvkVhdyuo1uPGOTQJEaJtxuMPBQXZ_
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:57 GMT
Last-Modified: Sun, 16 Oct 2022 23:21:52 GMT
Server: nginx/1.20.0
x-amz-request-id: BMK2EW8SR0T5QT9S
ETag: "621af62e834f0cbb9166ab5b9e710b9f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17608
x-amz-id-2: YjIm4bDSL8rrUmJ9Vtp0RhJCYrK2vZfZu6DmU63jByeowununrMM9qpriGqbAUH/b4fVoy+dvZQ=

GET
H3 200 css2
fonts.googleapis.com/ Frame AABD 234 KB
65 KB 32ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;500&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

408b4ed9241e6ee8881099b166dd8fa76419d6f5e7d2cc55b20c46d611866aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:52:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H2 404 / Show response
ad.setn.com/api/Tracker/Create/1/22078/ Frame 7BCE 119 B
424 B 483ms
483ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/api/Tracker/Create/1/22078/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: /
Resource Hash: d9e024a450a3a5e409bf59da97b53bed49ccf1b669bf84f3cc74d12073ea9a8b

Request headers

Accept: */*
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
x-cache: Error from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 119
x-amz-cf-id: lWR5UC7Ix7RbJDq6GaEmw8KZQApKEqE_SebhQcSXOWH5ibgen4Wxwg==
expires: -1

GET
H2 200 202211130200 Show response
ad.setn.com/api/Tracker/Get/1/22078/ Frame 7BCE 17 B
346 B 40ms
40ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/api/Tracker/Get/1/22078/202211130200
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: ca33434aee7a3d5d2e4a269eb32ab6e1b5ce8fd727a20be25f725ea9afc1e0b6

Request headers

Accept: */*
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:53 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: TXL50-P4
age: 2
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 17
x-amz-cf-id: 7srwNWacE8NNMDSiNEWKxbTxrHA5--PR6KVHUS1Za6XFwijKZn-9qA==
expires: -1

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 370 KB
124 KB 54ms
17ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c52d065f54f30b3944ed6d83d97e3eec06f305c9ecaab134ff7ee6170077c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126378
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
125 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://star.setn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:29:58 GMT
x-content-type-options: nosniff
age: 376138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 01:29:58 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame C662 0
19 B 16ms
16ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=140&cpn=GtbrCDB2vZGbVKBV&el=embedded&ns=yt&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24230619%2C24255165%2C24288488%2C24292955%2C24293803%2C24406605%2C24407199%2C24408610%2C24413559%2C24416290&cl=486528943&live=dvr&seq=1&docid=NA9Jlcekyik&ei=4L9wY86DLv63x_APgdeRkAc&event=streamingstats&plid=AAXtVyvT8G98Dour&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNA9Jlcekyik%3Fwidget_referrer%3Dhttps%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fstar.setn.com%26widgetid%3D1&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:B,0.231:S,0.239:S,0.239:S&cmt=0.010:0.000,0.231:0.000,0.239:0.000&afs=0.239:140::i&vfs=0.239:244:244::r&view=0.239:888:500&bwe=0.239:130000&bat=0.239:1:1&vis=0.239:0&bh=0.239:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C662 4 KB
3 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame C662 32 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bdadbdbc5d982af1dfbc9c02b8b0cdacaa166b325ad0d8d7589a985516dc03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:48:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8793
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 23:48:52 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame C662 68 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eeae2f294ccddab4a568911b9962c87e5ae20c3b46f3710c9e78385f781a109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20270
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 09:07:25 GMT

GET
H3 200 heartbeat.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame C662 27 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/heartbeat.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4316741edab180807083eaafab69a7b53ddbe5bc14d637e3c410ab0573a78178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 03:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9413
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 03:56:48 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame C662 33 KB
6 KB 392ms
391ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

79ee2b95817d9e8f81038fa64d80387ede9018841a5fe48422908c988cc58ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221106.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6398
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6A1D 12 KB
6 KB 21ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A1D 7 KB
7 KB 43ms
42ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=996&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=3ObwWuMBOrfIMJ6r7-oMSCQ5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30929544
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6722
expires: Mon, 06 Nov 2023 09:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A1D 617 B
874 B 19ms
18ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoManz-AG-93428DE-2104150957.gif%3Feb%3D1&v=3&w=800&s=ZtPQa0kaYiaywObkrkstXJBe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1b130abb9f803a330d2995975d403ed0b6ec0bce34f4028bf4ba61c1ca269a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 617
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A1D 2 KB
2 KB 18ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoExyte-Management-GmbH-213960DE.gif%3Feb%3D1&v=3&w=800&s=PRJBO6Kfi1SjaXnA5S5u1BD5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A1D 1 KB
2 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FW%2FlogoWieland_Electric_GmbH_30129DE.gif%3Feb%3D1&v=3&w=800&s=dwo4t3fwh5WbEOR2XPcK_LEZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425762
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A1D 2 KB
2 KB 22ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479176
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6A1D 0
127 B 21ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2Vc_8ddP54n_9EJNiJjrqv8LJALAG10JM2KA2SFwmGefvOW8yLGFKSbyfVBw0gnTZr6W-OUaEyXxFFiFEUbQtyKfnw8FgpR-PmWTlVf0Z28JnP6iJlXOwyPA-j4x6koNkUJNL85VKlk5xsPFbdKOs_OVUcKp-2dNFFX_hMG8kJuSrjIVMQar4pY6v8kEaOFA-ncofOsPRTUPzCHENe3elxylGOIilszX-ZRQrlxJHXYqBCiIk8sUfriZ0K8VJi0U5loG1g&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6A1D 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6A1D 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
DATA 200
OK truncated
/ Frame 8094 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d876e13e1aba02c05619198cef978e67140b92607836e2f93937e3cabbd42d77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 49EF 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvMdS4L9wY6LBBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgScAk_QdtTnpHuD3ONR1s6kasveEzGOJVOrFjJnw-fR8OzZQ9JlQi2-cf5Xvlo2hlr3-VY769QR8mCcKxh8jaxRXhpByDAJmoHy6gC5AN_s9b3ETUq6H3ceRYig1AKh8JegPz6OvSmrYOqJwPeLdDwZdXqYlohhh_bLzmW3jdWWbD8a3gRFwf3BP7TZeTfHuSylRgwGRFNLgbtS5-R_L3EjtzGW_LOFRwM5mrZKtFQgyfRMp_1zs0fNJ3DflI0M8ArE2vgRY9MAaAmwLE49SOaZwoz0FWGQ5OGhbnXjyNIa_Dw98zPCMUXeSzGod-JUnegcRf0P9CIRxA4M6H8pI-wEzCOZNXMjgqdNrwks_sGg5YVr24Y3mBmyai2YmPwq4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzQxNTgzMTQyODIwMjE3NBjh4Gs&sigh=TJOabwMSuwo&uach_m=[UACH]&cid=CAQSPgDq26N9foeqwta28mx2hlZRXisCJI1hrlcLjQewZIKGW7NB-ucqGjdLuW_zdvd5d3KUX4_xIRiOlmtlzC1nGAEgEw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 49EF 0
0 15ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFI-lBKwC2ASdg2ICAgAAANOjIdpU4-hxBKukA7vod08Q379wYwvd3C1zmHaHSlcBABIAAA&wp=Y3C_4AABoKIH_ZYDAA_IwugnknPl2qu9qSJHWg

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 167595
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 03BC 131 KB
45 KB 106ms
105ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoKIH_ZYDAA_IwugnknPl2qu9qSJHWg&u=%7C1Kfx12T1NYnbebnYX%2BLUsg0xRreAqG8C2bo4T2j%2FUi4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1TjkATbGV5IcvQV_6vMqq0IGuOYWpWCY8gQWMUQ0yOZOs5_u3rYzrGtG6SYrhvuK-K_DHyuJJkJkwOcZl3UIwyXEMSaGHmnbCF3otqr9t0vlfAh3MCaltkPwlRTYqZZPLBzl__ltW7hkkyVENd2czHmPx8VfixKdd1ZqNqTthoDI-cWI1DlXaO_kwjToNRtfaPhCq8X9buT-OUzSeGs_KczlLaNi125kMCwQQaF5b9wnb19m1tiYVY6hI7fbPyBOqf660MbeU0CxQh1yeVGfzVhRaUTe39qFsUWYxoxiZ-F96ORCWm4QhEOozErTY_McoQQOO0XiKJuFVpzFVJAdg0GOzPING1c3EfhZFktRHjh4g-OOuDApHEIiL8GCLjz1k3mw4meliDQMmXbIsGpzsC5lvLfb1hOEaEgxqIHmeI-20u18nyjiDIgVYQE0wNxAPaVMTOxzZgWAbjX0ZTwzkoqkaWXFx9xYCTUpCpBZpaZ1y3mCCNrjJ8NWFpmERvJ8CblPJ58WyL9pub-X2SHK3f7m76ps4Z_tz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC15Hr4L9wY6LBBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSfAk_QdtTnpHuD3ONR1s6kasveEzGOJVOrFjJnw-fR8OzZQ9JlQi2-cf5Xvlo2hlr3-VY769QR8mCcKxh8jaxRXhpByDAJmoHy6gC5AN_s9b3ETUq6H3ceRYig1AKh8JegPz6OvSmrYOqJwPeLdDwZdXqYlohhh_bLzmW3jdWWbD8a3gRFwf3BP7TZeTfHuSylRgwGRFNLgbtS5-R_L3EjtzGW_LOFRwM5mrZKtFQgyfRMp_1zs0fNJ3DflI0M8ArE2vgRY9MAaAmwLE49SOaZwoz0FWGQ5OGhbnXjyNIa_Dw98zPCMUXeSzGod-JUnegcRf0P9CIRxEwOye2urHAXc7-NlqMeJF9EuwOa9O-4ZzGj5iDFJweecqgyHO-Vyy_o4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30Z7ysOjLmtHF2038djS85GANhGg%26client%3Dca-pub-7415831428202174%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb16012742455b5e0fac64e502681e5df685d281134735b9bf1876feb1787fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xkrjCtdP54n_9EJNriTd3D6c26LcBbCndh971pJH22njEPaFVA-ZmSPd7TR-Y9XVkNhooTAvqEpaEKzasCwuaq7JXCOsbUeNXT1CnhrlbJny2GhMtK15UpY1L3A0i-VldVCLMenpFpYzBA6hHCtOdWWNCVFY_p4NEYHqkKXysVKWtyciqdSVN6BfXif2xyYq-iT3_R16eTJwBYWVGydVEEpOAgBDDsSfEgD4_qjSfPw0YXlGhXpdabBNpvRqkEZ867N4lA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90131702
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 49EF 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 49EF 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 49EF 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWMXsvbPQZMc8v50a8afVZPYBIHkbd-jp6Hq522JZ1Lz09AnYvcHXAgBO5Q-mLPiMywAajnmp2e0Upu93XHza0Jp82iA
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 49EF 24 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49EF 154 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F496 0
0 57ms
46ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVkg54L9wY8vCBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSeAk_QWEulNBLib9MQARYhT2LFaowIMeKD9x-gtvgsk40a1CsbzQJgtOkdAGELN9isVq_W-rUmJ3lTajOuWp5EXb5cf9nkxS3tOfAHQQvdATlxcI4mmztAdG5CxxTyeuEYEXer6Hn8joBo3nQ1ZiBGCz-JFRT8z_X6RKfCP_uqyJly0bsdRbM6x9vhS8wVnA9un2YyIhZzdwvXEtyy4wABeLVZqRx-5M5QradRaTZEzU4SEFiWyfXqBL2VP_pORmXUTHn4n9jPaVFpb4nTmU3drL28OMsNZVfHB4_efWdw69rGB3FW3rRmntRk5t5hSHFNWLXaUwjJtBZy1-kXGjOgGwazxeuSoO5pV9f3uSr27391PNgxhpw6K-7120H1vRrgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03NDE1ODMxNDI4MjAyMTc0GOHgaw&sigh=tnwdGOm1rMM&uach_m=[UACH]&cid=CAQSPgDq26N9foeqwta28mx2hlZRXisCJI1hrlcLjQewZIKGW7NB-ucqGjdLuW_zdvd5d3KUX4_xIRiOlmtlzC1nGAEgEw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame F496 0
0 28ms
11ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFMc1rAL6AZ2DYgICAAAA06Mh2lTj6HEEq6QDu-h3TxDfv3BjYaLTb7Me9RBlxG0AEgAA&wp=Y3C_4AABoUsH_ZYDAA_Iwgte4ydZUWbU4iKnXQ

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 321982
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FE76 137 KB
46 KB 100ms
85ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoUsH_ZYDAA_Iwgte4ydZUWbU4iKnXQ&u=%7C1Kfx12T1NYnSSLI7SlDsLEg88cJ4d2fi9KoHiC16n0k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oYr6Qf_MMHYyYnnkQ1IWvQNEIJv2G7G0ESrLpS_JAdQW7bxE-WMJbSuNt-pqh9_WdcyFExGsZD8AYvnK7cJegciGi0PIlXVbS-0tsquiY_pT4IKBjP4yPTG8rEXKdXyqzQEpd5v-Oyprbcu3EHxlReeS7ubcrfkaDmUN5Q9qBUCZE7CE4c_a_scm_26NtlvZhcO4e5daDuvaST4J6hpl3L7rRCvTmVG5eAX015vjjlgxasEwgcT8cDHcns2a4w_WBR4CRqU5PJOV4XRmpRMBsVbX5f8np7kVxWSjiY8yVgf20a77AMfMlIC4weTYpLrHFF5AW1sOEzqObRgtPysGk3Qhs05KMI5I4yi2LzRmtj4YyWN5f9l81epF3vpL1KU-evOgfucJOojWy5OP-RkmmHcnnmJdi7DgtlUPYQQ0ak4AUKYl-CXJ1r_bYGOTgKiUYe2pvkw_OhqqTnefIhcZHe6jvQnChU90meJpkSlxh5zAvY3y-_C0R4U3cS2w89f7cu3ic7I1PEf6SbhoPXnl4vsQ36rMAS_HSE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0nKG4L9wY8vCBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgShAk_QWEulNBLib9MQARYhT2LFaowIMeKD9x-gtvgsk40a1CsbzQJgtOkdAGELN9isVq_W-rUmJ3lTajOuWp5EXb5cf9nkxS3tOfAHQQvdATlxcI4mmztAdG5CxxTyeuEYEXer6Hn8joBo3nQ1ZiBGCz-JFRT8z_X6RKfCP_uqyJly0bsdRbM6x9vhS8wVnA9un2YyIhZzdwvXEtyy4wABeLVZqRx-5M5QradRaTZEzU4SEFiWyfXqBL2VP_pORmXUTHn4n9jPaVFpb4nTmU3drL28OMsNZVfHB4_efWdw69rGB3FW3rRmntRk5t5hSHFNWLXaUwjJtBZyles2iLQvhxUMWf8xcNPPr97js5z8wWf3iBAMIG6FNcLtXutxrqV_083gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Ghnl38B3S1GXxRKHcvBmmHSL0A%26client%3Dca-pub-7415831428202174%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0b9725d592211cafba44740c9c2571a1c1a1cc77636001c31b34c4f9396b990f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jFP0rNdP54n_9EJNVmytsW1U0xbodaJeJggYGQW4W734mxL4iWm_NQPdXdCwzYhG_XSGAHg2CgRinh0Dfvp4KG7GpUzIqo6GRsE7BN1yiEqxrJTw9m5RTB3mYm1QdqOfZRZVJPDyBtCHL4cJRdJa53cZx8Q67_6gjvwZG0Kg-Z9QgSvvHblvhhT1u-kOAKnERmu-R3V0isjFm5rFPBg_vAtm1QHvrtWdI39V323ZM1XYVe9On0PS58CEDtgAA-hT4SiOUg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67852617
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame F496 3 KB
1 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame F496 18 KB
7 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F496 0
0 33ms
22ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRM_egUC362jirfEVY2Ni_fvMSNjeJMukQ0Nzv0jEwIu2DkTiINYtD_61MO1kx-6zhrogEwUdjMqJlDcQ2lMBJeCvV5g
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F496 24 KB
6 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F496 154 KB
47 KB 45ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9278 0
0 60ms
51ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyGMz4L9wY__DBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSkAk_QDvJU7lglhGsE5mH0myy4MDnzvGSEZn1TRDKPM6r9UwTX_pIP5vkVie75T6sBOlnlWKUn5lvzZG15ZtQg3ZqABMCeVEGopF_XP6kO_YmQP9_V8O5VMdtsWrC55BTqJf0epWXK2wnTSiOn1HWQh_Iv8JdjGhpGd56wXetiUa4S79oAjU8MugvoAn1AxoPwuovY8XOMfcv4cfA3NsZA_GgrsoWROBwAATTS8ymnnthtWp2T4SHkXt8cfA6rqyIsYrU_fF9RY8N59uovk0cdAoP__Di4bXwhEyb5fY-_9H3of12Vjhxd8ewhOoGVJIfXywsHdffO5Jyzy-sohOZy-jqvcGNHxe5F_qkYduG8RIsQkcizwcJu_Bzs6Fk4YgUD6VfXqg7gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNTIzNTY5NTg5OTg5NTQ1GOHgaw&sigh=n5NrNVT74fo&uach_m=[UACH]&cid=CAQSPgDq26N9foeqwta28mx2hlZRXisCJI1hrlcLjQewZIKGW7NB-ucqGjdLuW_zdvd5d3KUX4_xIRiOlmtlzC1nGAEgEw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9278 0
0 24ms
11ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kZCTFN2BMKwC-gGdg2ICAgAAAFYj9lY0iLeFthc2nRDfv3BjjPFZhxiObsVKLtEAEgAA&wp=Y3C_4AABof8H_ZYDAA_IwrkosZe-Zwe-Cg2IrA

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 154549
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 09E5 211 KB
58 KB 156ms
144ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABof8H_ZYDAA_IwrkosZe-Zwe-Cg2IrA&u=%7C1Kfx12T1NYkOYQnHE7rv%2B3YxSfUOqYXvAVB9qq2IPag%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVzcD2jXM_JE6f0199SpINL9uiCdoIuY8tQTNBzN0oY4BE2F0myJ53YIN_a-9_fanflp5HCqqGTRQmXTfHnzMG-zJGm9TNUBTh8b_TccQxpAQ7VpS_6X1WbIleyXYWf7bCAH5gSeUU__moTAVZWu6Jydj0LyDbma5hfGQy6ZzpJ1jnI4bficyfZapSiDHKF2Q9057sQsx-5g2lj5rVjZ8RZqY48KzE8hzc8awXkioaaKob_PDaqFiwy8SvU9lC_R11l9FdaXR9dZa0wX10819ejnEsc6fMdB0tjPlTfiF2YfELJzgsGWS534uA80s3feTXm8ckwAPVKI4aFCaa4Jcwdl4zj5c_3Og3k8cNGcFDno6n1UeS78opxtTCoIAGzIOMwma2LfWKHfCVipcKXpwlO6NBP9ruyynfw1j1VS5wJI8_hY9AT-lA6rhsUkPjrICGJNzY7WCyjItHi7bklFJT9q3bu0xDXeSpTrFZNdA5Fp9e730msHtaucRsadJRltTaHL9TJ9RWElffjnOdWlLcomQGMISBvxwYCfNy3Pmjrs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjkg94L9wY__DBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSnAk_QDvJU7lglhGsE5mH0myy4MDnzvGSEZn1TRDKPM6r9UwTX_pIP5vkVie75T6sBOlnlWKUn5lvzZG15ZtQg3ZqABMCeVEGopF_XP6kO_YmQP9_V8O5VMdtsWrC55BTqJf0epWXK2wnTSiOn1HWQh_Iv8JdjGhpGd56wXetiUa4S79oAjU8MugvoAn1AxoPwuovY8XOMfcv4cfA3NsZA_GgrsoWROBwAATTS8ymnnthtWp2T4SHkXt8cfA6rqyIsYrU_fF9RY8N59uovk0cdAoP__Di4bXwhEyb5fY-_9H3of12Vjhxd8ewhOoGVJIfXywsHdffO5Jyzy-sohOZyuDiO4uTIWf36Yr27ptwavIIEm36579rsSNTRTquHfCkbbP1TubHl8bXgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0g8pF1UaP1llPCcOWIAXkUmZvB4w%26client%3Dca-pub-2523569589989545%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67eff95953a83f57a424313f80bbe3e5d4f7f751f0e7ec7e733e7f8ffa31a554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kEEJ19dP54n_9EJNdhwTN4WOww1lEaulYl6j5lwY0f-H1NBSa1t3YQUC47kqkpKjcEqdB51OWdAnrlcaLkDnp1JpLljmE0Uo_3x_DDSWV17Pv-MrQO3yaevRGvH4IEjS2EpEk38fVR6WmbeRxiStAxf8fGvdH4fe2mXRj7Q9hyARAySd7N3ehNCaDDyeil1kqLfu9FE2N9UjbJo_JWilF23Q2lwSdsxnqI_iAlivgLvolsCP5zbpCS2-9BS5GmkuiSvDyg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 130789316
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 9278 3 KB
1 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 9278 18 KB
7 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9278 0
0 30ms
23ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXILttGDuTyGkjg6r8xodWZfGFpyoxsPmEkmGJMuHxq7cG6E50_ayqm3iI9qwuBhhJKQ4k074bj4SexqX8vbnT4I2eZQ
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9278 24 KB
6 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9278 154 KB
47 KB 37ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7984 0
0 57ms
50ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAOg04L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSlAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OPEK6Bb8kP4mGxQlRgHsVo3L2H5dDfmiK6tYHgxRCqiWEF1BN5Py4AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzQxNTgzMTQyODIwMjE3NBjh4Gs&sigh=b8__gTEnghU&uach_m=[UACH]&cid=CAQSPgDq26N9foeqwta28mx2hlZRXisCJI1hrlcLjQewZIKGW7NB-ucqGjdLuW_zdvd5d3KUX4_xIRiOlmtlzC1nGAEgEw&tpd=AGWhJmvLu5trYyo0RgyGqB3IqpAV5yhEqIC_jGCn3PS2iRJYL8QD_C-uKsG-RiD8TN_HxdJ5d-Kl9nMPrcYdfZnm7MDpcn0oSaY3sRCtslFbTESRVC8bPJ4LqFY4f0Hmkobm1zVt7U7xFyK4NiSoDiB4bdENwM4zRD0PXxEThO5L650uZkHBz0K7UZdRy85jPDOqaCfOruvGwALdI3FLMonKzz2U9pB1pg9nVy1v89Dyt1hHdFJGfx5xBZ-1atcH-_wGMm-JFkVsjfxjnzjhA320E8mAdnzMdPc4X1G7csz6Skcthpyk3egUjY5YILjWgX-BVpdUIi-q62jpcIHaGcLJhILqUa_n1IC5Rq1rUBpGFJGSQ4SwVqFcQw_3AQzrtQ-7k6uQiKUEfQdVwOoJ5dHMLUVEnY4Iys7U-b10BtVogmw2ri2D4hOWuqSDeuwnir47iiWsyBeubQn63BpAc0eBU2AKyy5qaScLR0ZhKKOrg__WSrarHHO6m7yHMl1WAP4XDHpdwGIOQjPaPgQxO1K8TO-pAwltsGSuveACqn3rCBofykAcIfzIDS7TcoFJDW4C6kg53ISfuCG1_TgyoW0ae9TPyqGn0_S3y8HPBe4nGp8sMbwhdMdVII77F_cjOFT7hGspVcjHur_jRBOs7NQMRQufTbsJ6TyysgioA3k9epqK9x_jjCk6vyQ01rgjQjpN9heDaRz0qMzE-3wQmZjmZ_wulAU0nmAV7pNYeonKrq1c55HkfSKurfcFWrRZHaeXXep8oUPrX9R0zpN3jKlXyV-sa4-uur8abD5GrdwGZf5WFwOMDa5ZWcjgFuWw6QArdkYbuVvwLWoUlOMQlG66Tu4oU2LotieryZ4A2g1N3nrW9YBBDf2Eyu6Uejce6s7jnTg7_2pmv4xBmRVm1Y9aO-CRNqpkftFGdmdoqyJHR7Uc7ANx2b-Hg7NBZGjGms8tFYE8MRFiPHHn1SZfooyayBJrlLWvTCbEFudRQdxaOsBGJ60V3518RhLFE407uexczQLs5-Mf4zce9EKC1DF_xDzoy6WVWm9GOo73l-onKo0uUkbC4YsJokVdr4KFRZ3niuKaFmirhLSWxsvAqrXhjryPOqt54aZpw4HYCQaxJvWmjpl81Ys02aSRXandOxRD8Q
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 7984 3 KB
2 KB 109ms
48ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRjM1pqTmhNR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MDg0OTExMDE5MzQwMjUwMDQvMTEwNTAwOTUvMTI0NjA5NDkvNC9LaWFtVm4zck9OX25EQmZGQ3oxTFRiWUpMMm96VHMyMWxMLU53QVVLbFpNLzEvNC8wLzAvMTk5OTg0My8wLzIxNTU0My8xMjMwMjM4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzUwODQ5MTEwMTkzNDAyNTAwNC9hbXMvMC84NTI0Lzk4Lzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjY4MzMzNTM2LzE2NjgzNDYxMzYvNC9wdWItNzQxNTgzMTQyODIwMjE3NC8/0IJ8A6Yl9T38hFrbXUun1Zm36ZI&nodeid=4011&group=cdg&auctionid=7508491101934025004&pbs_auctionid=7508491101934025004&shardkey=7508491101934025004&sid=12460949&cid=11050095&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%26client%3Dca-pub-7415831428202174%26adurl%3D
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.371.0 /
Resource Hash: 47ffafea10f5f7cb83e65585a2c50bcf02aff38fbcfa5ebb8202d2001cf2f850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1668333536
Last-Modified: Sun, 13 Nov 2022 09:58:56 GMT
Server: MMBD/3.371.0
x-mm-latency: 23 (1)
Content-Type: application/x-javascript; charset=UTF-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x73, cdg-bidder-x15
Connection: close
x-mm-lag: 1
Expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 7984 3 KB
1 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 7984 18 KB
7 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7984 0
0 28ms
21ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQlHR1TURuePs_VAGVLRTGBP5Pi5MuZTp_TFqpifAUCO6yJ5euVIYMPmo0l2u28D_oSh37BqUGEm_BA1ERh-On43ywsA
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7984 24 KB
6 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7984 154 KB
47 KB 35ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 29ED 0
0 56ms
50ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZZFE4L9wY_HHBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSjAk_QtwS07sbH2BaOuKSbvdSIWy2BMqUOjiWf7yiu3ukeggcTMhlHzl6u5bs2pYR8fzTH5suIln19Eo25pxl-KJXjJDju5QBI368uDQsFmTzd_jP92Z1UIrGvBgDf0-ovQSXGECmEaMQXyq77OG3kKuY4r8gQDTKpCdibJ4ys3DJXRuc-0nIPgf9E-vRYUEx85mrv_qq91wjNHsKz3n_6mPv1P0YR32a5S-jdrfRhlW2QQcuHKrSx9AZXPaqfqToD5n97wKW8CkIFfzhx4_jnbtbJSkTwd3puyGfujRiupSQ-Hr6HAe1IoeM4f3AS14ppkJwuPwHa16gLmwzjrfKS9QHzwYZnzdugiCPP_Ufkuju2AOf5bgEtUEfsKABmRk0U8rUtruAEAYAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzQxNTgzMTQyODIwMjE3NBjh4Gs&sigh=9O8B60gFFtk&uach_m=[UACH]&cid=CAQSPgDq26N9foeqwta28mx2hlZRXisCJI1hrlcLjQewZIKGW7NB-ucqGjdLuW_zdvd5d3KUX4_xIRiOlmtlzC1nGAEgEw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 29ED 0
0 22ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Esc1rAL6AZ2DYgICAAAA06Mh2lTj6HEEq6QDu-h3TxDfv3Bjvwe_hfvnWRoZ8aEAEgAA&wp=Y3C_4AABo_EH_ZYDAA_IwkkrS6ETvo27qqjUUA

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 267463
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4FB0 140 KB
47 KB 105ms
100ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABo_EH_ZYDAA_IwkkrS6ETvo27qqjUUA&u=%7C1Kfx12T1NYm0zF7AHdquhyMR9uJxPCr7t5TE%2FrzrduY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTHRhhgMpmWg59XKZrdcmVKjJj0urVgkPbGtBA1TFruS4ylR_O21mLPjmdBqpXgPww8P_NJCWek9HFTznsB1lhqf1zPeRnIIy9PfwtQUP1WicLaxXUTG9oclUKZ86JPscNQdlywfhxyNnzpzQNE6XdQo6208OQM6r-taTJBqfeKJe2qpJG_kmRlp7wEia8TYuh_KhqWVAk-4xQgczOaGe8Ly0p5e737NPpontLOrOMAUae11c8nmEE9ejzouGuE0jN77y4d1PnTf9nJUKmYg6OcZoi3Uoa1ZXxa9XPMsusrDibNi0oxp3igLL4m6nNRUUiVXPy5SMv9tHgNQn51BgOjznc-szeTpPbzyo5IXEgf0RpaYl4WEytM5k8IpV1U7B1Lw0qNWuH4pV1SUrIBzhyoo8lls6OUsgENVOtvF5Zv-feJkwEMFGXT2L7ZSH-SuPwbqUzncUMc_gKV6ppzJQv70cTfeSXpL6rU5PqKMlGVNPuQqNR6_txfP2sa6QFS5vYq2SDZMmMpxdp-V3xMP4i9cfAvXCs_vMCUHAvmSQ54kE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5u84L9wY_HHBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QtwS07sbH2BaOuKSbvdSIWy2BMqUOjiWf7yiu3ukeggcTMhlHzl6u5bs2pYR8fzTH5suIln19Eo25pxl-KJXjJDju5QBI368uDQsFmTzd_jP92Z1UIrGvBgDf0-ovQSXGECmEaMQXyq77OG3kKuY4r8gQDTKpCdibJ4ys3DJXRuc-0nIPgf9E-vRYUEx85mrv_qq91wjNHsKz3n_6mPv1P0YR32a5S-jdrfRhlW2QQcuHKrSx9AZXPaqfqToD5n97wKW8CkIFfzhx4_jnbtbJSkTwd3puyGfujRiupSQ-Hr6HAe1IoeM4f3AS14ppkJwuPwHa16gLmwzjrfLQ9yBhRgn73mQ8nIAfwOEcsy-8tu3XdoOZmHpK2r94alWRWDE-Eepw7-AEAYAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MnGlAuJSZPM0MtCRyMpghIZUZ8Q%26client%3Dca-pub-7415831428202174%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5624b069293225dbcb8e489da394f89dda55ccbb2b3c00b5a5a26cc8ae7b3724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jE25FNdP54n_9EJNamn-XJqh5waxcoOIEmz5u7Hz_woglU9jgr8zMMhW4AKq2hIQe2J_mzEPzoA0YeYdjsT0BZor13SEf83A0dTHnpTpLARAUVoZUXs_hk2Kzb1YAIjvA3lWr_yx_k2E9Bsa2zDRclNmBQmstEijxsPwOpstszBljW6AUM04mSN9GiLvRIer6-xT8X0G8eOglB5gKgR96FmlvEUG-JFxPLiUB4i0EBsDibsQYQmLT5SH7h4"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 81595684
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 29ED 3 KB
1 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 29ED 18 KB
7 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 29ED 0
0 25ms
22ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnpx4qcdcLnf7qozB7yDpQ7WvXQCcT4t8aSNg7eL7PlWe2Kxu6I5gy_OIXh4iC1VQ5LH59SbxoZ-Pi8toHK-V1Rnj4_g
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 29ED 24 KB
6 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29ED 154 KB
47 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 29ms
27ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.350795425019566

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-liHX3nRTa4HjV8WjyzUK-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-liHX3nRTa4HjV8WjyzUK-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 25ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.5800835915391489

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-vALOuy3O-9k4g6vCcWsVDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-vALOuy3O-9k4g6vCcWsVDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D7EF 0
0 57ms
46ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiQyi4L9wY_jIBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSjAk_QON0zJq8vPjLsEzw4rRttDrhZYZpE1gsQF9BRVJ6S3bvb4lKWD7CfH7LZmo24toyl3jQpf50RHq-ygaoW0o-Tc92KVMJXQRO0XUYBt_L7mbofE6aghxAFbNIm6GEFt6A7IxjnaJ6-yTa-wmZLdCCVTcubUAbHtNEKvyyOX8C5kmyVLyGgKecksaWKwL7tO0n3go5_IABpkLicdFyUlov2xNtHp9UfIIOl6Kv0CgA-jBQGsXIzhDAvGo9jcRQI6j8xjZb2rJhynpYTLYuxcy7AVCEYeNj8n-UYK-IdwWXnR39NwLZ6IjX5lTYOlKOimmY5OYGjUHF-5HIJEIkc4-m1sxR1sWk4-3uzEMhSAsTIXenEgjt2Nql9yy6BxBTN8OrH8OAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI1MjM1Njk1ODk5ODk1NDUY4eBr&sigh=w40u0c5pISk&uach_m=[UACH]&cid=CAQSPgDq26N9foeqwta28mx2hlZRXisCJI1hrlcLjQewZIKGW7NB-ucqGjdLuW_zdvd5d3KUX4_xIRiOlmtlzC1nGAEgEw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame D7EF 0
0 32ms
18ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kZCTFN2BMKwC-gGdg2ICAgAAAN34g5SJAQObthc2nRDfv3BjXUKQnlsUr6jR-usAEgAA&wp=Y3C_4AABpHgH_ZYDAA_IwtyeWGgW61WTphjjHQ

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 335054
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D139 162 KB
53 KB 111ms
100ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABpHgH_ZYDAA_IwtyeWGgW61WTphjjHQ&u=%7C1Kfx12T1NYlHuEu2jIfQ8tcyuRt2stGGWvCsDS4yAWY%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjFz1RM00mo99lsG5mUfclKW6By3X2EXeIqEvFs9qO-NX4nGPISb3n7n26-mVZHkmWzPf9PyZbeuHXM-xOjO3ZeBPLTCr_X_6B5t2ICrQ8LvdFbn1iUwAm1es_ptr_OcGIonSL9VlrYwbKgOO-nU_DbqbPF7LVNlv3w7yPzRmD8rIl71KKY9jpYb6DCRXLttR-DaHTEsIXZ-VHb3iq5J2T_ifPkhv_nmw7Qa5H60kCCDqoecu2OFswanf1pt7aE0IS-QtIr7gn2ADkRhfR6EKA0Vbm7uCz9VpBE8KCFe9iClCi5heNszFz5CucW9FAgzQNL0TwwLEQx90-C4UbrLzO8ieSvFd2QTNkVI0FHzvm-Vb4uCEun6D5qlx71SgTAJajjEVJ5ZkVTGdGbGRK0HJ2AcDBITcjDveQlffvYHdGUkClbJdBFhJ0KchkZiJ-CbTHd7fIueP6BcexOjcd0_OYeKMdWK1faDud6hEPp0QlwUzCk5s4ErmcG_59ml3_dmaDuiradGo5Fz1ml5UlwtwK-XHfjaLiYTwkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaqV44L9wY_jIBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QON0zJq8vPjLsEzw4rRttDrhZYZpE1gsQF9BRVJ6S3bvb4lKWD7CfH7LZmo24toyl3jQpf50RHq-ygaoW0o-Tc92KVMJXQRO0XUYBt_L7mbofE6aghxAFbNIm6GEFt6A7IxjnaJ6-yTa-wmZLdCCVTcubUAbHtNEKvyyOX8C5kmyVLyGgKecksaWKwL7tO0n3go5_IABpkLicdFyUlov2xNtHp9UfIIOl6Kv0CgA-jBQGsXIzhDAvGo9jcRQI6j8xjZb2rJhynpYTLYuxcy7AVCEYeNj8n-UYK-IdwWXnR39NwLZ6IjX5lTYOlKOimmY5OYGjUHF-5HIJEIle4cgnNJvpotak79hjLW6qC9DC6-PqmrnC_pTbOZGf6AxIWm7UT7U24OAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ry7GZU90cj8V9NSQEKtzHrRNjEw%26client%3Dca-pub-2523569589989545%26adurl%3D

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fc523f48d928b83459346ab54bb64e9bb99023d3e53055b3287151f65fc33670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 09:58:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2SNfKNdP54n_9EJNPTx1I0VSmdKGOfXTBRxiDfeB_4W8FviqiV0_6ZB0p_hs1dLZX5hdR26SUUNgJWNOe1C0CjcaSYLjxWV33LDD7dk7_wc74cw-Ljdd7JqJ4JxdzSXIfCPU9WwGYBggnopTbktIkbQ-nXbfIG_JoNfMoPRWbtlPlCqX_NbxNp7nqB9Lr6r5B1YMMFbHjeggsTlC28lUA5nA7Fnw77PUomH708VZifrb5cWpZUYzwhD89sP2wdDKJgUBEQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 81592377
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame D7EF 3 KB
1 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame D7EF 18 KB
7 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D7EF 0
0 26ms
16ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjjiDqBHSo0lKMUn1bNSDzNTMA9D_A2r00OLk0kUrraY9Xr1dwLt5h_tkiVT866egRu6g9KnLpqTipccrqxk3Srl9gjw
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D7EF 24 KB
6 KB 21ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7EF 154 KB
47 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H/1.1 200
OK c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/74d/ Frame 7478 19 KB
19 KB 18ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/74d/c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2203ed6fcf532e8035b03fb2bd0f913eac59636dd1fcd3495829b7d9653a4286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: EOS33tqfVsgDilVkq1_AVLz9gOxvKvR0
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 7P9VWXAWQZJ39W6V
Connection: keep-alive
Content-Length: 18987
x-amz-id-2: 5KvOwLakRwThohJsQj4peTaBRTejTq+TggcYrkJRxpfzx+DOnzLohWvjbYZjKjrGSamFGmvFHCM=
Last-Modified: Sun, 13 Nov 2022 06:49:09 GMT
Server: nginx/1.20.0
ETag: "23be7e9602d0720bc47c6f3836271c41"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 16by10
images.dable.io/ad/thumbnails/legacy-resize/221011031016302/3x/ Frame 7478 18 KB
19 KB 17ms
8ms Image
image/jpg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/ad/thumbnails/legacy-resize/221011031016302/3x/16by10
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2fb2848b49479ff8bfab46cbdfdd0b8d929c295fa5ad20270a668a133d3f27a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: TdCPAo8DErDSrwf3orS2QXSQ1G8GARnv
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: PMKYF81P0RB21QMN
Connection: keep-alive
Content-Length: 18776
x-amz-id-2: RHrIvcq4u3cEkPpEZog/j0NwnW7NFHzO7ubNXkFoEhBwoN2CDqf1VPeEBSVnL3yR0o3wiGA5Tq0=
Last-Modified: Tue, 11 Oct 2022 03:16:21 GMT
Server: nginx/1.20.0
ETag: "5eb951ff63ef8c128b6588dc624624e0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/a6d/ Frame 7478 39 KB
39 KB 17ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/a6d/8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 9bb7d289ee069435c87b7952e8e218726d934e5d2d2fd55b66ad5a317c87dfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _rUyfEUWjbysTGjrA4M1QXj6TbEglEzX
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: AGRGKMF5KSGJT1BC
Connection: keep-alive
Content-Length: 39682
x-amz-id-2: qHF31Bsmr02q9kgohPh5xhXJZ8pFI82jpAENw0FjxD9RKdZZNro5clzJp7vEhPKyPUZh3Ed1kDs=
Last-Modified: Sun, 13 Nov 2022 01:37:47 GMT
Server: nginx/1.20.0
ETag: "32acfa95e3f24d6796edba0ae490ee4f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 18f7d30b56b84e589b59bc26b001fbb5abb56.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/59c/ Frame 7478 21 KB
22 KB 18ms
10ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/59c/18f7d30b56b84e589b59bc26b001fbb5abb56.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 87755f241d10ae4ef67d080f39e282796b5cc86a9685396e66975977ea695cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: yShmpsD7uodKsuS7YPaaBd4HeBsuv4qL
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: D96RVRKE3MEAA152
Connection: keep-alive
Content-Length: 21841
x-amz-id-2: 6wqF4f4tPf5/taaC2KbNuU+KRojHNER583GtI1OaD9EP7owtKokXLRF/57zurR3PT4rYtCZ7N4I=
Last-Modified: Sun, 13 Nov 2022 07:13:15 GMT
Server: nginx/1.20.0
ETag: "acc2e93d9b0eff8244ec216b03871775"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 7478 83 B
611 B 15ms
7ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:57 GMT
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
182 B 281ms
243ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01GHR6V1XADS63FMRP01FTV74E
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: https://star.setn.com
date: Sun, 13 Nov 2022 09:58:57 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 204 generate_204
www.youtube.com/ Frame C662 0
11 B 12ms
11ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?KoDMRQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 9221 83 B
611 B 7ms
7ms Image
image/png 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:57 GMT
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 03BC 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoKIH_ZYDAA_IwugnknPl2qu9qSJHWg&u=%7C1Kfx12T1NYnbebnYX%2BLUsg0xRreAqG8C2bo4T2j%2FUi4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1TjkATbGV5IcvQV_6vMqq0IGuOYWpWCY8gQWMUQ0yOZOs5_u3rYzrGtG6SYrhvuK-K_DHyuJJkJkwOcZl3UIwyXEMSaGHmnbCF3otqr9t0vlfAh3MCaltkPwlRTYqZZPLBzl__ltW7hkkyVENd2czHmPx8VfixKdd1ZqNqTthoDI-cWI1DlXaO_kwjToNRtfaPhCq8X9buT-OUzSeGs_KczlLaNi125kMCwQQaF5b9wnb19m1tiYVY6hI7fbPyBOqf660MbeU0CxQh1yeVGfzVhRaUTe39qFsUWYxoxiZ-F96ORCWm4QhEOozErTY_McoQQOO0XiKJuFVpzFVJAdg0GOzPING1c3EfhZFktRHjh4g-OOuDApHEIiL8GCLjz1k3mw4meliDQMmXbIsGpzsC5lvLfb1hOEaEgxqIHmeI-20u18nyjiDIgVYQE0wNxAPaVMTOxzZgWAbjX0ZTwzkoqkaWXFx9xYCTUpCpBZpaZ1y3mCCNrjJ8NWFpmERvJ8CblPJ58WyL9pub-X2SHK3f7m76ps4Z_tz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC15Hr4L9wY6LBBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSfAk_QdtTnpHuD3ONR1s6kasveEzGOJVOrFjJnw-fR8OzZQ9JlQi2-cf5Xvlo2hlr3-VY769QR8mCcKxh8jaxRXhpByDAJmoHy6gC5AN_s9b3ETUq6H3ceRYig1AKh8JegPz6OvSmrYOqJwPeLdDwZdXqYlohhh_bLzmW3jdWWbD8a3gRFwf3BP7TZeTfHuSylRgwGRFNLgbtS5-R_L3EjtzGW_LOFRwM5mrZKtFQgyfRMp_1zs0fNJ3DflI0M8ArE2vgRY9MAaAmwLE49SOaZwoz0FWGQ5OGhbnXjyNIa_Dw98zPCMUXeSzGod-JUnegcRf0P9CIRxEwOye2urHAXc7-NlqMeJF9EuwOa9O-4ZzGj5iDFJweecqgyHO-Vyy_o4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30Z7ysOjLmtHF2038djS85GANhGg%26client%3Dca-pub-7415831428202174%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 03BC 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 03BC 308 B
636 B 16ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 03BC 293 B
621 B 18ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 03BC 43 B
347 B 19ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yOwghTV_UgBJ1P22WofinvWp6UPdHftm3expZkQTVbSzNw03zZRda9xHiEH42btrGegsPyOUVHgaywpmZ3qeIZuwBwMQErlfiH8quS4Mn35GdJ46T4SN7aJGidkwK_1if15ed3BzRLNkMqKJrx8a-p-igsgI_n2QX_N5qqQvLbn_GFOQdIOJKHNKcjCmN1uwl7gXwiijbjER6gKRmOaSEMkt1UUutPfpPzGRo19YSNMzw9if2mBdcJB_aEDAzI7pcB9622jE5dBCXZDZd859MlSxTm1Xeil-tnP4xyClrqpChbzL7PvdR3u42rs6ZA-LHN95YCOiFaqNHdnWSsacih27oLKffkt1gDJtgfPVYG8agz3lF59Kg8tzxauYJxXpa86xd-AkczI_kHCOcVxXpCppETOaV3m0FcWwz4bLvFTtlGM1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3159115
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 03BC 44 B
753 B 131ms
130ms Image
image/gif 2600:9000:225a:b600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668333536
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoKIH_ZYDAA_IwugnknPl2qu9qSJHWg&u=%7C1Kfx12T1NYnbebnYX%2BLUsg0xRreAqG8C2bo4T2j%2FUi4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1TjkATbGV5IcvQV_6vMqq0IGuOYWpWCY8gQWMUQ0yOZOs5_u3rYzrGtG6SYrhvuK-K_DHyuJJkJkwOcZl3UIwyXEMSaGHmnbCF3otqr9t0vlfAh3MCaltkPwlRTYqZZPLBzl__ltW7hkkyVENd2czHmPx8VfixKdd1ZqNqTthoDI-cWI1DlXaO_kwjToNRtfaPhCq8X9buT-OUzSeGs_KczlLaNi125kMCwQQaF5b9wnb19m1tiYVY6hI7fbPyBOqf660MbeU0CxQh1yeVGfzVhRaUTe39qFsUWYxoxiZ-F96ORCWm4QhEOozErTY_McoQQOO0XiKJuFVpzFVJAdg0GOzPING1c3EfhZFktRHjh4g-OOuDApHEIiL8GCLjz1k3mw4meliDQMmXbIsGpzsC5lvLfb1hOEaEgxqIHmeI-20u18nyjiDIgVYQE0wNxAPaVMTOxzZgWAbjX0ZTwzkoqkaWXFx9xYCTUpCpBZpaZ1y3mCCNrjJ8NWFpmERvJ8CblPJ58WyL9pub-X2SHK3f7m76ps4Z_tz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC15Hr4L9wY6LBBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSfAk_QdtTnpHuD3ONR1s6kasveEzGOJVOrFjJnw-fR8OzZQ9JlQi2-cf5Xvlo2hlr3-VY769QR8mCcKxh8jaxRXhpByDAJmoHy6gC5AN_s9b3ETUq6H3ceRYig1AKh8JegPz6OvSmrYOqJwPeLdDwZdXqYlohhh_bLzmW3jdWWbD8a3gRFwf3BP7TZeTfHuSylRgwGRFNLgbtS5-R_L3EjtzGW_LOFRwM5mrZKtFQgyfRMp_1zs0fNJ3DflI0M8ArE2vgRY9MAaAmwLE49SOaZwoz0FWGQ5OGhbnXjyNIa_Dw98zPCMUXeSzGod-JUnegcRf0P9CIRxEwOye2urHAXc7-NlqMeJF9EuwOa9O-4ZzGj5iDFJweecqgyHO-Vyy_o4AQBgAbHzc-Y357tqfkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30Z7ysOjLmtHF2038djS85GANhGg%26client%3Dca-pub-7415831428202174%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: LYc2ST-5LnfGJHOpWDh7FTio_V3dvR_zjpHqgsxrF3pFt7uDQ4ZySg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FE76 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoUsH_ZYDAA_Iwgte4ydZUWbU4iKnXQ&u=%7C1Kfx12T1NYnSSLI7SlDsLEg88cJ4d2fi9KoHiC16n0k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oYr6Qf_MMHYyYnnkQ1IWvQNEIJv2G7G0ESrLpS_JAdQW7bxE-WMJbSuNt-pqh9_WdcyFExGsZD8AYvnK7cJegciGi0PIlXVbS-0tsquiY_pT4IKBjP4yPTG8rEXKdXyqzQEpd5v-Oyprbcu3EHxlReeS7ubcrfkaDmUN5Q9qBUCZE7CE4c_a_scm_26NtlvZhcO4e5daDuvaST4J6hpl3L7rRCvTmVG5eAX015vjjlgxasEwgcT8cDHcns2a4w_WBR4CRqU5PJOV4XRmpRMBsVbX5f8np7kVxWSjiY8yVgf20a77AMfMlIC4weTYpLrHFF5AW1sOEzqObRgtPysGk3Qhs05KMI5I4yi2LzRmtj4YyWN5f9l81epF3vpL1KU-evOgfucJOojWy5OP-RkmmHcnnmJdi7DgtlUPYQQ0ak4AUKYl-CXJ1r_bYGOTgKiUYe2pvkw_OhqqTnefIhcZHe6jvQnChU90meJpkSlxh5zAvY3y-_C0R4U3cS2w89f7cu3ic7I1PEf6SbhoPXnl4vsQ36rMAS_HSE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0nKG4L9wY8vCBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgShAk_QWEulNBLib9MQARYhT2LFaowIMeKD9x-gtvgsk40a1CsbzQJgtOkdAGELN9isVq_W-rUmJ3lTajOuWp5EXb5cf9nkxS3tOfAHQQvdATlxcI4mmztAdG5CxxTyeuEYEXer6Hn8joBo3nQ1ZiBGCz-JFRT8z_X6RKfCP_uqyJly0bsdRbM6x9vhS8wVnA9un2YyIhZzdwvXEtyy4wABeLVZqRx-5M5QradRaTZEzU4SEFiWyfXqBL2VP_pORmXUTHn4n9jPaVFpb4nTmU3drL28OMsNZVfHB4_efWdw69rGB3FW3rRmntRk5t5hSHFNWLXaUwjJtBZyles2iLQvhxUMWf8xcNPPr97js5z8wWf3iBAMIG6FNcLtXutxrqV_083gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Ghnl38B3S1GXxRKHcvBmmHSL0A%26client%3Dca-pub-7415831428202174%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FE76 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FE76 308 B
636 B 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FE76 293 B
621 B 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame FE76 43 B
347 B 19ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=B6UbzzmYDt9TqtwzdgNM_JClOpz7tDoBRJ-nBEwZi0cAayjZvOjyo_oysldJHk2B6aAy74e2L8f6Z5ooy7fv0bjZoT1VHnkFDWZiAJIgs0z7sCOsRfxyHtdEYDPcPbRLY3LAWoE2V6_hy0XriGvMy-ov_T5E9AFpo7yo58-2jM_UF7hD120nBqTqOEVs1Gb-XmBuzXqY4_k2SKSyKuVu2WOnM8_E74DuDRD62xCFSScaNAdA8PMeDqu8vF55xSfUbDPdEqvU3p2xsdAFFOjB4_gg1MTSfaZVYepTi85dCfOBq6iLjkrP-qcLoVltUTWxvK2QjVtiSgj2X-VSFijfNpBPq9TujW-HEFEJUYXaZD1oUXCtfDQQwByPam0Nf0MHeg1aBL4uHebQa7qSyNFeSmHEpDfk-62pXEfM0PUEEGBmblHT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4390732
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame FE76 44 B
752 B 131ms
131ms Image
image/gif 2600:9000:225a:b600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668333537
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABoUsH_ZYDAA_Iwgte4ydZUWbU4iKnXQ&u=%7C1Kfx12T1NYnSSLI7SlDsLEg88cJ4d2fi9KoHiC16n0k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oYr6Qf_MMHYyYnnkQ1IWvQNEIJv2G7G0ESrLpS_JAdQW7bxE-WMJbSuNt-pqh9_WdcyFExGsZD8AYvnK7cJegciGi0PIlXVbS-0tsquiY_pT4IKBjP4yPTG8rEXKdXyqzQEpd5v-Oyprbcu3EHxlReeS7ubcrfkaDmUN5Q9qBUCZE7CE4c_a_scm_26NtlvZhcO4e5daDuvaST4J6hpl3L7rRCvTmVG5eAX015vjjlgxasEwgcT8cDHcns2a4w_WBR4CRqU5PJOV4XRmpRMBsVbX5f8np7kVxWSjiY8yVgf20a77AMfMlIC4weTYpLrHFF5AW1sOEzqObRgtPysGk3Qhs05KMI5I4yi2LzRmtj4YyWN5f9l81epF3vpL1KU-evOgfucJOojWy5OP-RkmmHcnnmJdi7DgtlUPYQQ0ak4AUKYl-CXJ1r_bYGOTgKiUYe2pvkw_OhqqTnefIhcZHe6jvQnChU90meJpkSlxh5zAvY3y-_C0R4U3cS2w89f7cu3ic7I1PEf6SbhoPXnl4vsQ36rMAS_HSE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0nKG4L9wY8vCBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgShAk_QWEulNBLib9MQARYhT2LFaowIMeKD9x-gtvgsk40a1CsbzQJgtOkdAGELN9isVq_W-rUmJ3lTajOuWp5EXb5cf9nkxS3tOfAHQQvdATlxcI4mmztAdG5CxxTyeuEYEXer6Hn8joBo3nQ1ZiBGCz-JFRT8z_X6RKfCP_uqyJly0bsdRbM6x9vhS8wVnA9un2YyIhZzdwvXEtyy4wABeLVZqRx-5M5QradRaTZEzU4SEFiWyfXqBL2VP_pORmXUTHn4n9jPaVFpb4nTmU3drL28OMsNZVfHB4_efWdw69rGB3FW3rRmntRk5t5hSHFNWLXaUwjJtBZyles2iLQvhxUMWf8xcNPPr97js5z8wWf3iBAMIG6FNcLtXutxrqV_083gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Ghnl38B3S1GXxRKHcvBmmHSL0A%26client%3Dca-pub-7415831428202174%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 9m8Dp0cIOcfftUJh9MMwKJH8NaFwql61d-FBvKrW6cn9CtGgeTxiUw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4FB0 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABo_EH_ZYDAA_IwkkrS6ETvo27qqjUUA&u=%7C1Kfx12T1NYm0zF7AHdquhyMR9uJxPCr7t5TE%2FrzrduY%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTHRhhgMpmWg59XKZrdcmVKjJj0urVgkPbGtBA1TFruS4ylR_O21mLPjmdBqpXgPww8P_NJCWek9HFTznsB1lhqf1zPeRnIIy9PfwtQUP1WicLaxXUTG9oclUKZ86JPscNQdlywfhxyNnzpzQNE6XdQo6208OQM6r-taTJBqfeKJe2qpJG_kmRlp7wEia8TYuh_KhqWVAk-4xQgczOaGe8Ly0p5e737NPpontLOrOMAUae11c8nmEE9ejzouGuE0jN77y4d1PnTf9nJUKmYg6OcZoi3Uoa1ZXxa9XPMsusrDibNi0oxp3igLL4m6nNRUUiVXPy5SMv9tHgNQn51BgOjznc-szeTpPbzyo5IXEgf0RpaYl4WEytM5k8IpV1U7B1Lw0qNWuH4pV1SUrIBzhyoo8lls6OUsgENVOtvF5Zv-feJkwEMFGXT2L7ZSH-SuPwbqUzncUMc_gKV6ppzJQv70cTfeSXpL6rU5PqKMlGVNPuQqNR6_txfP2sa6QFS5vYq2SDZMmMpxdp-V3xMP4i9cfAvXCs_vMCUHAvmSQ54kE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5u84L9wY_HHBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTc0MTU4MzE0MjgyMDIxNzTIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QtwS07sbH2BaOuKSbvdSIWy2BMqUOjiWf7yiu3ukeggcTMhlHzl6u5bs2pYR8fzTH5suIln19Eo25pxl-KJXjJDju5QBI368uDQsFmTzd_jP92Z1UIrGvBgDf0-ovQSXGECmEaMQXyq77OG3kKuY4r8gQDTKpCdibJ4ys3DJXRuc-0nIPgf9E-vRYUEx85mrv_qq91wjNHsKz3n_6mPv1P0YR32a5S-jdrfRhlW2QQcuHKrSx9AZXPaqfqToD5n97wKW8CkIFfzhx4_jnbtbJSkTwd3puyGfujRiupSQ-Hr6HAe1IoeM4f3AS14ppkJwuPwHa16gLmwzjrfLQ9yBhRgn73mQ8nIAfwOEcsy-8tu3XdoOZmHpK2r94alWRWDE-Eepw7-AEAYAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MnGlAuJSZPM0MtCRyMpghIZUZ8Q%26client%3Dca-pub-7415831428202174%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4FB0 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4FB0 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4FB0 293 B
621 B 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4FB0 43 B
347 B 17ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=aU8mylt1SmMsnlPsG6bAgHP_zRQYJE_ELDxIl6y3iI8JFBvNqlKNCt9J_xXzEkQs1TFwR-9At-Vm7pN7b4xoy2p7zBxR-lAuPEHabEdAqfQltPGfovsVsDPUNsDRGdI35lrWfzSR2q3XwJY7nWaNdKW8C1RG7_6SmoI6RjA5Dw4kLjhC7z3YVBJzVyDazXBWczq1LV_v6YdCQXFReYq1QoDEiTRTgNKtYkxlkxTEqG7VQ2HofPy7tru92jG1W5HjIv52WUbV-pvm8LIpeBM5T6ikSGbu0CIdae0ZVx1k9SEnSVd3DbKpAaWx-Itwu5y_TgNIMts-UoKC8dlnqO6cjnz0GMBZREZIUkJ1Mj1LGFXnNdL1wMhk0aEBOrG126XMW9UL0u3AtUgc_qHkof-7eJHdw00A6cRlGbCeV7843pTZMgk_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2155515
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D139 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABpHgH_ZYDAA_IwtyeWGgW61WTphjjHQ&u=%7C1Kfx12T1NYlHuEu2jIfQ8tcyuRt2stGGWvCsDS4yAWY%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjFz1RM00mo99lsG5mUfclKW6By3X2EXeIqEvFs9qO-NX4nGPISb3n7n26-mVZHkmWzPf9PyZbeuHXM-xOjO3ZeBPLTCr_X_6B5t2ICrQ8LvdFbn1iUwAm1es_ptr_OcGIonSL9VlrYwbKgOO-nU_DbqbPF7LVNlv3w7yPzRmD8rIl71KKY9jpYb6DCRXLttR-DaHTEsIXZ-VHb3iq5J2T_ifPkhv_nmw7Qa5H60kCCDqoecu2OFswanf1pt7aE0IS-QtIr7gn2ADkRhfR6EKA0Vbm7uCz9VpBE8KCFe9iClCi5heNszFz5CucW9FAgzQNL0TwwLEQx90-C4UbrLzO8ieSvFd2QTNkVI0FHzvm-Vb4uCEun6D5qlx71SgTAJajjEVJ5ZkVTGdGbGRK0HJ2AcDBITcjDveQlffvYHdGUkClbJdBFhJ0KchkZiJ-CbTHd7fIueP6BcexOjcd0_OYeKMdWK1faDud6hEPp0QlwUzCk5s4ErmcG_59ml3_dmaDuiradGo5Fz1ml5UlwtwK-XHfjaLiYTwkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaqV44L9wY_jIBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QON0zJq8vPjLsEzw4rRttDrhZYZpE1gsQF9BRVJ6S3bvb4lKWD7CfH7LZmo24toyl3jQpf50RHq-ygaoW0o-Tc92KVMJXQRO0XUYBt_L7mbofE6aghxAFbNIm6GEFt6A7IxjnaJ6-yTa-wmZLdCCVTcubUAbHtNEKvyyOX8C5kmyVLyGgKecksaWKwL7tO0n3go5_IABpkLicdFyUlov2xNtHp9UfIIOl6Kv0CgA-jBQGsXIzhDAvGo9jcRQI6j8xjZb2rJhynpYTLYuxcy7AVCEYeNj8n-UYK-IdwWXnR39NwLZ6IjX5lTYOlKOimmY5OYGjUHF-5HIJEIle4cgnNJvpotak79hjLW6qC9DC6-PqmrnC_pTbOZGf6AxIWm7UT7U24OAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ry7GZU90cj8V9NSQEKtzHrRNjEw%26client%3Dca-pub-2523569589989545%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D139 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D139 308 B
636 B 18ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D139 293 B
621 B 17ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame D139 43 B
347 B 21ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Iv0HMoIKUvCa0VmvpIYMUBpHL-pnCFow1PZUELSksA0ytOykbHaopASu142wb6Uu-meX9qIOvJ7Zksj-JW_hXE5Q2UlN58Syz-kWmOq9vd3zwFI0uZj2UcrZaq0hzfN_KTzZcq8I3tNgrEJcMzmO1JV8vQafljVVmRvt77bTx5-33CNUVlOaG6hrvNdq3_XtsokCiRvytPqy4f6theUkguhotSOelTrY9fb987_PZJkqn7fBVHqsISpoQ0VE5tExW2VmyVcrZX2_mr5SS93b97CnRefVGKphW9PYpkgkO3m3g7XhblF8Gus8xFya1q8_5iQtq9fMcRZ2nyl8M3tGVrRlkP8lyOSL9z0q0FZliMP1fEsK5eOSHc-Ch5fg3-o0HHOc3Yfs8uLzW7y8vsRkuyJ5xoZ7a8J8bhdU8zKcltK7XGsQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3576584
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame D139 44 B
753 B 135ms
133ms Image
image/gif 2600:9000:225a:b600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668333536
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABpHgH_ZYDAA_IwtyeWGgW61WTphjjHQ&u=%7C1Kfx12T1NYlHuEu2jIfQ8tcyuRt2stGGWvCsDS4yAWY%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjFz1RM00mo99lsG5mUfclKW6By3X2EXeIqEvFs9qO-NX4nGPISb3n7n26-mVZHkmWzPf9PyZbeuHXM-xOjO3ZeBPLTCr_X_6B5t2ICrQ8LvdFbn1iUwAm1es_ptr_OcGIonSL9VlrYwbKgOO-nU_DbqbPF7LVNlv3w7yPzRmD8rIl71KKY9jpYb6DCRXLttR-DaHTEsIXZ-VHb3iq5J2T_ifPkhv_nmw7Qa5H60kCCDqoecu2OFswanf1pt7aE0IS-QtIr7gn2ADkRhfR6EKA0Vbm7uCz9VpBE8KCFe9iClCi5heNszFz5CucW9FAgzQNL0TwwLEQx90-C4UbrLzO8ieSvFd2QTNkVI0FHzvm-Vb4uCEun6D5qlx71SgTAJajjEVJ5ZkVTGdGbGRK0HJ2AcDBITcjDveQlffvYHdGUkClbJdBFhJ0KchkZiJ-CbTHd7fIueP6BcexOjcd0_OYeKMdWK1faDud6hEPp0QlwUzCk5s4ErmcG_59ml3_dmaDuiradGo5Fz1ml5UlwtwK-XHfjaLiYTwkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaqV44L9wY_jIBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSmAk_QON0zJq8vPjLsEzw4rRttDrhZYZpE1gsQF9BRVJ6S3bvb4lKWD7CfH7LZmo24toyl3jQpf50RHq-ygaoW0o-Tc92KVMJXQRO0XUYBt_L7mbofE6aghxAFbNIm6GEFt6A7IxjnaJ6-yTa-wmZLdCCVTcubUAbHtNEKvyyOX8C5kmyVLyGgKecksaWKwL7tO0n3go5_IABpkLicdFyUlov2xNtHp9UfIIOl6Kv0CgA-jBQGsXIzhDAvGo9jcRQI6j8xjZb2rJhynpYTLYuxcy7AVCEYeNj8n-UYK-IdwWXnR39NwLZ6IjX5lTYOlKOimmY5OYGjUHF-5HIJEIle4cgnNJvpotak79hjLW6qC9DC6-PqmrnC_pTbOZGf6AxIWm7UT7U24OAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ry7GZU90cj8V9NSQEKtzHrRNjEw%26client%3Dca-pub-2523569589989545%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 88zPaB1JNOHbnF3SGz21_lLbjAnvY8Sly21miCql9E5ZKjRHJlvFKg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9B1C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1dcf92b49d1bbea61c41a3ef2a84cc306018cbeab370adcc1f533f582efc705

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adScriptBlocking.min.js Show response
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 2 KB
2 KB 28ms
19ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6c6d1ac762ea323fbf8df434598c58ab8bebcadf8dd43d67100d109d3f50f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14395
x-jsd-version: 2.3.93
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19175-FRA, cache-yyz4573-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6ac-0FqYc2IZE51dzyLcBNhIxD3bAwo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Cj2XZClrTvW3YUxB0G6l3%2Bwj4EbtV6Fxja%2FL6ZpL9qdT4619JZbEkbrTMfUkWrHgTj3sTbUXDAvR3oIqYlmqRLDXhOOIVSv6s0g%2Fv6qcO0%2BzT50G8L9oxagIz6MXmVu3JRBAgR1IEywUEi4B4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7696a6e10ce0bb8f-FRA

GET
H3 200 star.setn.com Show response
player.gliacloud.com/violations/ 16 KB
3 KB 216ms
216ms Fetch
application/json 2606:4700:3038::6815:eb5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/violations/star.setn.com
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a50578392f995e6f517d4fdeab17b0179363f31e0931d013461b346f29787249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: Public
last-modified: Sun, 13 Nov 2022 09:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecWYM0xquPMCMLm%2BK8NinlImJtI4TlxPHNTEq9sfYRfzs4eEUPmhj57hL9YqM08Jo%2Bysimm1BZeFzkLTOMBYLuHTNmVjyfNCjJLumDgGsKS17Ug8QCd8zavXDgWhkkjalwbB3kNFPFU0ozAdHY9FWQw%2B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: d2213aadc3af7d5599ae86f1f67af094
cache-control: public, max-age=900
cf-ray: 7696a6e10f37769e-LHR
priority: u=1,i=?0
expires: Sun, 13 Nov 2022 10:13:57 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 09E5 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABof8H_ZYDAA_IwrkosZe-Zwe-Cg2IrA&u=%7C1Kfx12T1NYkOYQnHE7rv%2B3YxSfUOqYXvAVB9qq2IPag%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVzcD2jXM_JE6f0199SpINL9uiCdoIuY8tQTNBzN0oY4BE2F0myJ53YIN_a-9_fanflp5HCqqGTRQmXTfHnzMG-zJGm9TNUBTh8b_TccQxpAQ7VpS_6X1WbIleyXYWf7bCAH5gSeUU__moTAVZWu6Jydj0LyDbma5hfGQy6ZzpJ1jnI4bficyfZapSiDHKF2Q9057sQsx-5g2lj5rVjZ8RZqY48KzE8hzc8awXkioaaKob_PDaqFiwy8SvU9lC_R11l9FdaXR9dZa0wX10819ejnEsc6fMdB0tjPlTfiF2YfELJzgsGWS534uA80s3feTXm8ckwAPVKI4aFCaa4Jcwdl4zj5c_3Og3k8cNGcFDno6n1UeS78opxtTCoIAGzIOMwma2LfWKHfCVipcKXpwlO6NBP9ruyynfw1j1VS5wJI8_hY9AT-lA6rhsUkPjrICGJNzY7WCyjItHi7bklFJT9q3bu0xDXeSpTrFZNdA5Fp9e730msHtaucRsadJRltTaHL9TJ9RWElffjnOdWlLcomQGMISBvxwYCfNy3Pmjrs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjkg94L9wY__DBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSnAk_QDvJU7lglhGsE5mH0myy4MDnzvGSEZn1TRDKPM6r9UwTX_pIP5vkVie75T6sBOlnlWKUn5lvzZG15ZtQg3ZqABMCeVEGopF_XP6kO_YmQP9_V8O5VMdtsWrC55BTqJf0epWXK2wnTSiOn1HWQh_Iv8JdjGhpGd56wXetiUa4S79oAjU8MugvoAn1AxoPwuovY8XOMfcv4cfA3NsZA_GgrsoWROBwAATTS8ymnnthtWp2T4SHkXt8cfA6rqyIsYrU_fF9RY8N59uovk0cdAoP__Di4bXwhEyb5fY-_9H3of12Vjhxd8ewhOoGVJIfXywsHdffO5Jyzy-sohOZyuDiO4uTIWf36Yr27ptwavIIEm36579rsSNTRTquHfCkbbP1TubHl8bXgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0g8pF1UaP1llPCcOWIAXkUmZvB4w%26client%3Dca-pub-2523569589989545%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 09E5 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 09E5 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 09E5 293 B
621 B 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 09E5 43 B
347 B 19ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=raYhpYIKUvCa0VmvpIYMUBpHL-rzhOWp0Rm9TSaaSUX8qHPNScaa_alYHgvI19Ur-kv0CX5DJdV-031rcws1RCCLwlUk332uPIyJXE3Y1845qFUZwtwEQFesT9gPKMj_a7cfuknnJ0uoELaVJtMxS9I82AmVWRmRq9Ah2htmqsNWV5i1OoNRRS0cOXJafBi1KKuea-Btyt-2_BB48ZG-2NypsjEhT6ks9mpISwoHGvQENKIPM_Kr8fsORzvy6NBl3LzEjYKlj4-RRtnvVY4FJAxoeaAiV1uVGVlAkQS_K4J3xr8vc8ewkZdxbIZ3ikHLpgBIi395X33fAnYQyGsZXEMsVZKOjz_Xwkl7KGsIgJ-Rrrz81Yct-7TXPUjzuAHvgj8Dlxz3SZqWiSMurZGAWF8EbUh3pfMvTmMKxXT1HTylbZ5An_Q0xA8sFcoE_cpr-ClTIw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3789140
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 09E5 44 B
752 B 131ms
131ms Image
image/gif 2600:9000:225a:b600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668333536
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3C_4AABof8H_ZYDAA_IwrkosZe-Zwe-Cg2IrA&u=%7C1Kfx12T1NYkOYQnHE7rv%2B3YxSfUOqYXvAVB9qq2IPag%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVzcD2jXM_JE6f0199SpINL9uiCdoIuY8tQTNBzN0oY4BE2F0myJ53YIN_a-9_fanflp5HCqqGTRQmXTfHnzMG-zJGm9TNUBTh8b_TccQxpAQ7VpS_6X1WbIleyXYWf7bCAH5gSeUU__moTAVZWu6Jydj0LyDbma5hfGQy6ZzpJ1jnI4bficyfZapSiDHKF2Q9057sQsx-5g2lj5rVjZ8RZqY48KzE8hzc8awXkioaaKob_PDaqFiwy8SvU9lC_R11l9FdaXR9dZa0wX10819ejnEsc6fMdB0tjPlTfiF2YfELJzgsGWS534uA80s3feTXm8ckwAPVKI4aFCaa4Jcwdl4zj5c_3Og3k8cNGcFDno6n1UeS78opxtTCoIAGzIOMwma2LfWKHfCVipcKXpwlO6NBP9ruyynfw1j1VS5wJI8_hY9AT-lA6rhsUkPjrICGJNzY7WCyjItHi7bklFJT9q3bu0xDXeSpTrFZNdA5Fp9e730msHtaucRsadJRltTaHL9TJ9RWElffjnOdWlLcomQGMISBvxwYCfNy3Pmjrs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjkg94L9wY__DBoOs9u8PwpG_-AvJntKxXNWdkfdwwI23ARABIABglbqtgrQHggEXY2EtcHViLTI1MjM1Njk1ODk5ODk1NDXIAQmpAkAxu9EQXLE-4AIAqAMBqgSnAk_QDvJU7lglhGsE5mH0myy4MDnzvGSEZn1TRDKPM6r9UwTX_pIP5vkVie75T6sBOlnlWKUn5lvzZG15ZtQg3ZqABMCeVEGopF_XP6kO_YmQP9_V8O5VMdtsWrC55BTqJf0epWXK2wnTSiOn1HWQh_Iv8JdjGhpGd56wXetiUa4S79oAjU8MugvoAn1AxoPwuovY8XOMfcv4cfA3NsZA_GgrsoWROBwAATTS8ymnnthtWp2T4SHkXt8cfA6rqyIsYrU_fF9RY8N59uovk0cdAoP__Di4bXwhEyb5fY-_9H3of12Vjhxd8ewhOoGVJIfXywsHdffO5Jyzy-sohOZyuDiO4uTIWf36Yr27ptwavIIEm36579rsSNTRTquHfCkbbP1TubHl8bXgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0g8pF1UaP1llPCcOWIAXkUmZvB4w%26client%3Dca-pub-2523569589989545%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
via: 1.1 cf058b286fa80390c08073fa68269f12.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: vBtmFdvU15omagJKH6EL66gQnRJvit06YT8Y-6e9vusb1YQ1sK48LA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/74d/ Frame 9221 19 KB
19 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/74d/c1a2bdf028e3f82c35e1ea18cc2b4504bf828.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2203ed6fcf532e8035b03fb2bd0f913eac59636dd1fcd3495829b7d9653a4286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: EOS33tqfVsgDilVkq1_AVLz9gOxvKvR0
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 7P9VWXAWQZJ39W6V
Connection: keep-alive
Content-Length: 18987
x-amz-id-2: 5KvOwLakRwThohJsQj4peTaBRTejTq+TggcYrkJRxpfzx+DOnzLohWvjbYZjKjrGSamFGmvFHCM=
Last-Modified: Sun, 13 Nov 2022 06:49:09 GMT
Server: nginx/1.20.0
ETag: "23be7e9602d0720bc47c6f3836271c41"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/a6d/ Frame 9221 39 KB
39 KB 8ms
7ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/a6d/8d4674b8b23d5b43de42e6b7bc3648549ef90.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 9bb7d289ee069435c87b7952e8e218726d934e5d2d2fd55b66ad5a317c87dfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _rUyfEUWjbysTGjrA4M1QXj6TbEglEzX
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: AGRGKMF5KSGJT1BC
Connection: keep-alive
Content-Length: 39682
x-amz-id-2: qHF31Bsmr02q9kgohPh5xhXJZ8pFI82jpAENw0FjxD9RKdZZNro5clzJp7vEhPKyPUZh3Ed1kDs=
Last-Modified: Sun, 13 Nov 2022 01:37:47 GMT
Server: nginx/1.20.0
ETag: "32acfa95e3f24d6796edba0ae490ee4f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK c4942b9c22268aa46bd145c87162d913e41f7.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/74b/ Frame 9221 23 KB
24 KB 10ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/74b/c4942b9c22268aa46bd145c87162d913e41f7.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 935a3cb18e203a4a3358b10e2e58ce6ddba8c68602eb5b7ecc30ce24f877b366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: xnQqEw.kSdxHLSK15f2Ti1Tj2C3FOyKh
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: EA50WNPB646FJGN5
Connection: keep-alive
Content-Length: 23902
x-amz-id-2: GHbcCTkACXRJZurR1i3UJ3/e1lMiONgUwGqsTTFI0OJRd94964il0itaXTYbhcHBAA8rpIJXWtU=
Last-Modified: Sat, 12 Nov 2022 07:23:49 GMT
Server: nginx/1.20.0
ETag: "9ef2bd7ae718e5a5cafa8720c462a88e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK a9d2a9ff130a09d6d108b0dffd8e33a56d2bb.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/7a9/ Frame 9221 32 KB
32 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/7a9/a9d2a9ff130a09d6d108b0dffd8e33a56d2bb.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: c487489a1eb7708de8884b07b2137b932f45ff48fac207b06e19c6907ba630bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _qDL0yVx4P6XCwQzuzeQAUAGfTDqEFms
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 3QP45P9EDND5R2B0
Connection: keep-alive
Content-Length: 32574
x-amz-id-2: riZ434JbnY9QYMVOkn5WrItL236qjbwkTDzjZIcrxajA3Lp1K9yACCBODsPHa8kRDitz2+yzeqM=
Last-Modified: Sun, 13 Nov 2022 03:05:09 GMT
Server: nginx/1.20.0
ETag: "c447239b8cb68b2389c1872cafb0570f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 96d0e9f429f8834e2cda848d10c54f181f94a.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/5f7/ Frame 9221 28 KB
28 KB 54ms
53ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/5f7/96d0e9f429f8834e2cda848d10c54f181f94a.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 29312e777fc4b6c653c6934c9c2092a8ef284e00fc520e19de40258a057e755c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ky9vdST9IpqC8pfEM86vURh1MeAzWJan
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 0WPN25XG4E20FAAM
Connection: keep-alive
Content-Length: 28485
x-amz-id-2: DUUK+xDn7g5EKtgJhSONMS5D+7w+ZvIH7tyiqqLwiAOluPeaoPeban4Dwvb+iIFkcRVkotZUowA=
Last-Modified: Sun, 13 Nov 2022 00:35:14 GMT
Server: nginx/1.20.0
ETag: "e9d76ab0404bea6c1607e3c8cf95226d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 14dc80ddae487e0eb6e56b0c1eee4f3374504.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/1ee/ Frame 9221 48 KB
49 KB 10ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/1ee/14dc80ddae487e0eb6e56b0c1eee4f3374504.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: f1236964460718b16aa3ff2ba1edf25c8ec519e956fcd80bb2ef8fd33d313dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: b.juf28zOkJtcrUSFAQlTYD4SkRDTD1c
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: VQ1AR53X37JX4JF9
Connection: keep-alive
Content-Length: 49519
x-amz-id-2: fwOJjJwDGhasrSYf73OIas9KCmYeLG9/RI/UqeXl5ucTFo5qSun2fg6gyU+Mvg02bJ6uNwZmjOE=
Last-Modified: Fri, 11 Nov 2022 03:27:59 GMT
Server: nginx/1.20.0
ETag: "80ad5c1eed546f5529b2f9d7636d89ae"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK d4a3a5016231de3b5664927524c1bd49a2cc0.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/aed/ Frame 9221 30 KB
30 KB 8ms
7ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/aed/d4a3a5016231de3b5664927524c1bd49a2cc0.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: cba59ba38105976d6e016b056d87565a3fde5ec976726d50ea9ac3bbadfecee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: p58Jk4xJRUoBNQ9OHliHv09724mDkCKu
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 3E1X65J6HBFPX09S
Connection: keep-alive
Content-Length: 30526
x-amz-id-2: ibPbrRBozrtTRM7lg0njRdQJvoKFnwFPeF4QxIzHSv8Sp/XjnqBSlDyLe5wq88n7AM9G2A7MDfo=
Last-Modified: Sun, 13 Nov 2022 04:57:25 GMT
Server: nginx/1.20.0
ETag: "7831b360a866ac5f5889a5481116b3f8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 81c1587a6e5fd588393b0c782d6635acdd34e.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/f7a/ Frame 9221 25 KB
25 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/f7a/81c1587a6e5fd588393b0c782d6635acdd34e.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: d45a2ee52ae1b49e484d982f6559583526cb4ae277f0bc320d32028dbdd85140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: XXkAFdSp9FJWvqwojpi0O.YSOezzbW65
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 3QP0YN7QMCTRWZQC
Connection: keep-alive
Content-Length: 25286
x-amz-id-2: 2/JaAJ/tEO9bYCaRVo07w7mJ2SmP8bk2JYmoI4ah3P9BtlNcXHmOyYeg2yceRZs/y9jsM0J81os=
Last-Modified: Sun, 13 Nov 2022 01:35:16 GMT
Server: nginx/1.20.0
ETag: "ac41e747db3ecf614ee4c339b0ba35bd"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 9a577979b9713a538549667380b51e5b17cc9.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/5da/ Frame 9221 30 KB
31 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/5da/9a577979b9713a538549667380b51e5b17cc9.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 8bea0dc65e14260263724a81e33f2dfbe8329669b2cb299dff403a7e52add016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: mFdqHntWv3Q6tJ_yJVQGjPg7sBducXty
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: MF0MTK648VNS4JFW
Connection: keep-alive
Content-Length: 30912
x-amz-id-2: RFA7ElPbLUA4obFg9tMXwsVv21YXegf27L+S1R6qmSxBk6ZeUf3Kc/XFr26o9YyvrwrOamboMN0=
Last-Modified: Sun, 13 Nov 2022 03:40:12 GMT
Server: nginx/1.20.0
ETag: "8599e66b1b9dd11e143ef3191f54a5c8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 271d9b6b13918f8f322a7b0b1b28748927849.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/6f1/ Frame 9221 39 KB
40 KB 8ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/6f1/271d9b6b13918f8f322a7b0b1b28748927849.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 82e5b0339f1b05e6733445e1a1cb2a9479b987ee0f26076d8bbf201d1d9ad01d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 6yy9Jd5QPbBiptJK_4WM_I.Me3_KzCdx
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 4Y1AQJ0HZDHS0RNJ
Connection: keep-alive
Content-Length: 40369
x-amz-id-2: h4qqgxPBX65LKSz8l10lPzg2Rx7p2Li0N9Vo6BsObnRTDt+Nqd8jAhZ8EoAowERyIEsl8O6k9Hk=
Last-Modified: Sun, 13 Nov 2022 05:08:10 GMT
Server: nginx/1.20.0
ETag: "90e99647b9a163134e074f6cf7d6573f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 2f7848cbec61f8e486f5b34a30dbe27705af8.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/054/ Frame 9221 16 KB
17 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/054/2f7848cbec61f8e486f5b34a30dbe27705af8.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 78a435cf87f4fa36f000faadb6da2a3685b5bcad0955f51806a548779e09a676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 1pzS_UTfX4TRo_HH0TFfuRX_4TVkCPZR
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: CFNYCHE45844Q1K4
Connection: keep-alive
Content-Length: 16410
x-amz-id-2: gIO5U47/D5UrsPlli4aLImyE5Howm0uhq2GiW8Gr2r5eqVpcc95oVhFeE2KxPao0YE8XF7UAypM=
Last-Modified: Sat, 09 Jul 2022 14:36:34 GMT
Server: nginx/1.20.0
ETag: "b9a3e5c0e50dd1c09a6a9b1c19f3edce"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame 9B1C 633 B
700 B 18ms
16ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6834
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6834 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ Frame 9B1C 0
603 B 677ms
676ms Script
text/plain 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4293419&widget_id=25669&auc_id=&callback=_lgy_lift_callback_4293419&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 09:58:58 GMT
Via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: BcF-w1AOXorGgDLa7l_u1oqTzR_gkPAhOvu2ya4HEUkPsvUiap-D7w==

GET
DATA 200
OK truncated
/ Frame 9B1C 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/webp

POST
H3 204 AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 43ms
27ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C6iPr3Vte_QR7JlczUtcVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C6iPr3Vte_QR7JlczUtcVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://star.setn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 9jva1sfkle8t Show response
hal9000.redintelligence.net/zone/ Frame 7984 10 KB
4 KB 63ms
13ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/9jva1sfkle8t?subid=&gdpr=1&gdpr_consent=li&rnd=7508491101934025004&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DOGrU2ehfWzj0dYooaetp-A%26exch_seat%3D20035004448%26mt_aid%3D7508491101934025004%26mt_id%3D11050095%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_cid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%2526client%253Dca-pub-7415831428202174%2526adurl%253D%26redirect%3D
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 3ae7cc1bf020be24b4250cf3f16036e2f25a41c6ab183385f396d2f0cc657d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3452
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 7984 49 B
329 B 97ms
49ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7508491101934025004&node_id=4011&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRjM1pqTmhNR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MDg0OTExMDE5MzQwMjUwMDQvMTEwNTAwOTUvMTI0NjA5NDkvNC9LaWFtVm4zck9OX25EQmZGQ3oxTFRiWUpMMm96VHMyMWxMLU53QVVLbFpNLzEvNC8wLzAvMTk5OTg0My8wLzIxNTU0My8xMjMwMjM4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzUwODQ5MTEwMTkzNDAyNTAwNC9hbXMvMC84NTI0Lzk4Lzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjY4MzMzNTM2LzE2NjgzNDYxMzYvNC9wdWItNzQxNTgzMTQyODIwMjE3NC8/0IJ8A6Yl9T38hFrbXUun1Zm36ZI&nodeid=4011&group=cdg&auctionid=7508491101934025004&pbs_auctionid=7508491101934025004&shardkey=7508491101934025004&sid=12460949&cid=11050095&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%26client%3Dca-pub-7415831428202174%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.371.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
Server: MMBD/3.371.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x29, cdg-bidder-x15
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 7984 7 KB
3 KB 430ms
31ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//star.setn.com/news/1181936&ui=d77f3a0a-0000-0000-0000-000000000000&ap=&ti=7508491101934025004&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&sr=4&de=43003&si=1239870914&dm=300x250&ac=1230238&cr=11050095&ai=215543&c1=12460949&r1=2a02:6ea0:c71b::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRjM1pqTmhNR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MDg0OTExMDE5MzQwMjUwMDQvMTEwNTAwOTUvMTI0NjA5NDkvNC9LaWFtVm4zck9OX25EQmZGQ3oxTFRiWUpMMm96VHMyMWxMLU53QVVLbFpNLzEvNC8wLzAvMTk5OTg0My8wLzIxNTU0My8xMjMwMjM4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzUwODQ5MTEwMTkzNDAyNTAwNC9hbXMvMC84NTI0Lzk4Lzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjY4MzMzNTM2LzE2NjgzNDYxMzYvNC9wdWItNzQxNTgzMTQyODIwMjE3NC8/0IJ8A6Yl9T38hFrbXUun1Zm36ZI&nodeid=4011&group=cdg&auctionid=7508491101934025004&pbs_auctionid=7508491101934025004&shardkey=7508491101934025004&sid=12460949&cid=11050095&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%26client%3Dca-pub-7415831428202174%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b661e0d58fe82cc548b37e6c1413c0df62c46e0d32d84191f1dfe67acc4e6890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 09:58:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 3002
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 7984 43 B
403 B 346ms
190ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7508491101934025004&v3=1230238&v4=12460949&v5=11050095&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRjM1pqTmhNR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MDg0OTExMDE5MzQwMjUwMDQvMTEwNTAwOTUvMTI0NjA5NDkvNC9LaWFtVm4zck9OX25EQmZGQ3oxTFRiWUpMMm96VHMyMWxMLU53QVVLbFpNLzEvNC8wLzAvMTk5OTg0My8wLzIxNTU0My8xMjMwMjM4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzUwODQ5MTEwMTkzNDAyNTAwNC9hbXMvMC84NTI0Lzk4Lzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjY4MzMzNTM2LzE2NjgzNDYxMzYvNC9wdWItNzQxNTgzMTQyODIwMjE3NC8/0IJ8A6Yl9T38hFrbXUun1Zm36ZI&nodeid=4011&group=cdg&auctionid=7508491101934025004&pbs_auctionid=7508491101934025004&shardkey=7508491101934025004&sid=12460949&cid=11050095&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%26client%3Dca-pub-7415831428202174%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 162 58fc253 master hkg-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
Server: MT3 162 58fc253 master hkg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 7984 49 B
329 B 90ms
41ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7508491101934025004&st=12460949&time=1668333537&nodeid=4011
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRjM1pqTmhNR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MDg0OTExMDE5MzQwMjUwMDQvMTEwNTAwOTUvMTI0NjA5NDkvNC9LaWFtVm4zck9OX25EQmZGQ3oxTFRiWUpMMm96VHMyMWxMLU53QVVLbFpNLzEvNC8wLzAvMTk5OTg0My8wLzIxNTU0My8xMjMwMjM4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzUwODQ5MTEwMTkzNDAyNTAwNC9hbXMvMC84NTI0Lzk4Lzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjY4MzMzNTM2LzE2NjgzNDYxMzYvNC9wdWItNzQxNTgzMTQyODIwMjE3NC8/0IJ8A6Yl9T38hFrbXUun1Zm36ZI&nodeid=4011&group=cdg&auctionid=7508491101934025004&pbs_auctionid=7508491101934025004&shardkey=7508491101934025004&sid=12460949&cid=11050095&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%26client%3Dca-pub-7415831428202174%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.371.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
Server: MMBD/3.371.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x83, cdg-bidder-x15
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 13 Nov 2022 09:58:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7F4 42 B
498 B 69ms
42ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0xIpM0nDDBJPQEEKMUSh_deoF8gFTX1HdDRkyruEH35l2sQbU7QuVQBWh6evVCO3F-r9gKhaBY3yHPO0OhfmirLE&sig=Cg0ArKJSzF-CtCHPKHs3EAE&id=lidar2&mcvt=1146&p=760,315,850,1285&mtos=1146,1146,1146,1146,1146&tos=1146,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=742162314&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668333535966&rpt=377&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 people.png
www.setn.com/images/icon/ Frame 7BCE 636 B
985 B 170ms
170ms Image
image/png 108.159.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.setn.com/images/icon/people.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/vod/live/22078?pagegroupid=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.159.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-159-80-114.bom78.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a47eba01af09bce7436c8a492c5157b0e414ce6418da64aca588eb64e4156d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 04:04:08 GMT
via: 1.1 284ed08bdcf69e47aecbbe321a96b700.cloudfront.net (CloudFront)
last-modified: Mon, 09 Aug 2021 10:21:44 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: BOM78-P6
age: 21289
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 636
x-amz-cf-id: LDWDS_opsseUyoCCucCLfGhXiPK3_gT8z3C0PgPNatH6MzzgIZIOVQ==
expires: Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 03BC 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 1 KB
2 KB 16ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 2 KB
2 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 22 KB
22 KB 19ms
18ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=uz5746XqY2TJmw3Lkv-ynyH7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9eda5dc74a1c770c667f5ae3110bb5ac7158fd79f277676f66b9e44385f353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30929544
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22116
expires: Mon, 06 Nov 2023 09:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 2 KB
3 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoSogeti-Deutschland-GmbH-19712DE.gif%3Feb%3D1&v=3&w=400&s=AmN22zz2Bpj8nmELJfmaxjex&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 2 KB
2 KB 27ms
27ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=400&s=OEC11Z9rjyZetjUjA1x1yYe1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1530
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1732
expires: Sun, 13 Nov 2022 10:24:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 03BC 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=xkrjCtdP54n_9EJNriTd3D6c26LcBbCndh971pJH22njEPaFVA-ZmSPd7TR-Y9XVkNhooTAvqEpaEKzasCwuaq7JXCOsbUeNXT1CnhrlbJny2GhMtK15UpY1L3A0i-VldVCLMenpFpYzBA6hHCtOdWWNCVFY_p4NEYHqkKXysVKWtyciqdSVN6BfXif2xyYq-iT3_R16eTJwBYWVGydVEEpOAgBDDsSfEgD4_qjSfPw0YXlGhXpdabBNpvRqkEZ867N4lA&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 03BC 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 03BC 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FE76 12 KB
6 KB 19ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 2 KB
2 KB 16ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 2 KB
3 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 1 KB
2 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 14 KB
14 KB 19ms
19ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=sfa2JZeEFbnsWUfEEvAXgpGL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5298d6aa96d4c31e65e9198beb08bc3de1b5b885f22ece667f35c05ea42e2424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30929544
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14455
expires: Mon, 06 Nov 2023 09:31:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FE76 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jFP0rNdP54n_9EJNVmytsW1U0xbodaJeJggYGQW4W734mxL4iWm_NQPdXdCwzYhG_XSGAHg2CgRinh0Dfvp4KG7GpUzIqo6GRsE7BN1yiEqxrJTw9m5RTB3mYm1QdqOfZRZVJPDyBtCHL4cJRdJa53cZx8Q67_6gjvwZG0Kg-Z9QgSvvHblvhhT1u-kOAKnERmu-R3V0isjFm5rFPBg_vAtm1QHvrtWdI39V323ZM1XYVe9On0PS58CEDtgAA-hT4SiOUg&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FE76 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FE76 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4FB0 12 KB
5 KB 40ms
26ms Script
application/javascript 2a06:98c1:3123::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3123:: , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 919335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shPZbMMfBywKDIwtDHwDlQeOIc9vWCUgU%2BwMNt2B76DwwWHFcbQ40UTHvQO6Z5LhAjA9N3QzWTZewbwPwzfSrI6wJH5uZ5vyiDls7ZdDGiAn4SUk%2BITy3qLOtYozKMU%2FHHO9DqMWm2u8HeTUy2Go%2FM%2F1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7696a6e278c1bbc5-FRA
expires: Fri, 03 Nov 2023 09:58:57 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4FB0 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 4FB0 58 KB
58 KB 53ms
25ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 4FB0 56 KB
56 KB 68ms
41ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4FB0 15 KB
15 KB 21ms
19ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2F27f37b09e7784149bde2023a100b9024_hori.png&v=3&w=596&s=3hmkj8oBJD5u_RcvFyhk7I0h

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

16353e03e9d2f0c3ed006e490c0344289c422fe6fa8e5f64d26498a3a1930646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29528857
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15147
expires: Sat, 21 Oct 2023 04:26:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4FB0 20 KB
20 KB 22ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F34deb7c6-4d8b-4c91-aa52-8cc42ffd86ad_7546095f-33fd-4a8c-be28-b1ec379b0e66.jpg&v=3&w=400&s=JBmi-5Ls0RbVDkHpTPxLQ_hd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cff8ccff1d7cb44e1cb7407e0c6feb6718a976c86d2246b9de610fc9ef486978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=417702
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20626
expires: Fri, 18 Nov 2022 06:00:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4FB0 22 KB
22 KB 31ms
29ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Faf10f53a-65da-4028-be8b-aac6a8d6e2e8_aa384955-9b0d-4125-a000-d9222fa0079c.jpg&v=3&w=400&s=HZto3Ga7Eua_7jmJt2YA8ZqP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ae641f34aad32873e6434367397ecfe974931933068de97542a56fa2eaf44c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=978602
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22462
expires: Thu, 24 Nov 2022 17:48:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4FB0 29 KB
29 KB 27ms
25ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F05bbf028-1164-49db-a83d-3482fb92a902_db0fb514-369a-478e-9966-f96896c99ea7.jpg&v=3&w=400&s=2c8FrA4L0Efgy7vqiy_PLc_U&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

963ec2c069e966a55e8d747c37c26b1827b3d0d90d924970449549fed156b34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=346404
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29200
expires: Thu, 17 Nov 2022 10:12:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4FB0 93 KB
93 KB 38ms
37ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2Fc5c7784eea4b45d6a6537ec5fd78f3ad_img_vertical_1.png&v=3&w=1200&s=gFS6GSHHV3WBXeYn3CGvnuBC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fb6bb1fe9b79b6476a927e84153a32945111de5affaedc496c0c4520967b81d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29453450
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 95262
expires: Fri, 20 Oct 2023 07:29:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4FB0 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jE25FNdP54n_9EJNamn-XJqh5waxcoOIEmz5u7Hz_woglU9jgr8zMMhW4AKq2hIQe2J_mzEPzoA0YeYdjsT0BZor13SEf83A0dTHnpTpLARAUVoZUXs_hk2Kzb1YAIjvA3lWr_yx_k2E9Bsa2zDRclNmBQmstEijxsPwOpstszBljW6AUM04mSN9GiLvRIer6-xT8X0G8eOglB5gKgR96FmlvEUG-JFxPLiUB4i0EBsDibsQYQmLT5SH7h4&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4FB0 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4FB0 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame C662 52 KB
15 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 13 Nov 2022 14:53:08 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 1E2F 0
269 B 239ms
238ms Script
text/plain 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 1A3C 0
269 B 237ms
237ms Script
text/plain 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 4F67 0
269 B 239ms
239ms Script
text/plain 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 415ms
99ms Script
application/javascript 54.162.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1668333537749&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YXItd29yZC1wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoyLCJyZXF1ZXN0X2FkIjoyMCwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjoyMCwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoic3Rhci5zZXRuLmNvbSIsInVybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzYiLCJsb2dpZCI6ImM0NDEyY2NkLTk4MzgtNDg4ZS05ZjM2LWZjMTYwNTA1Zjc0MCIsInVpZCI6IjlkNjQ0YTFiYWU0Y2RkNjAyZDQxNjY4MzMzNTM2MDcxIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWRqOeOieiUu%2BWFqOiqquS6hu%2B8geiUo%2BWtneWatOOAjOaZtuiPr%2Be3i%2BiBnuahiOOAjeWls%2BS4u%2Binkuern%2BaYr%2BWlue%2B8muaPremWi%2BWkmuW5tOecn%2BebuCIsInRkX3VybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzY%2FZnJvbT15JkNsaWNrSVA9MTk4LjU5LjE5MS4yNDkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InN0YXIuc2V0bi5jb20iLCJ0ZF9wYXRoIjoiL25ld3MvMTE4MTkzNiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwiY29tbW9uX2NhdGVnb3J5Ijoic29jaWFsIiwiY2F0ZWdvcnkiOiLlqJvmqIIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.52.82 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-52-82.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Sun, 13 Nov 2022 09:58:58 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 403ms
98ms Script
application/javascript 54.162.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1668333537761&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YXItd29yZC1wYy0yIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjIwLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjIwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJzdGFyLnNldG4uY29tIiwidXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I%2Bv57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o%2Bt6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuWom%2BaogiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.52.82 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-52-82.compute-1.amazonaws.com

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Sun, 13 Nov 2022 09:58:58 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 405ms
99ms Script
application/javascript 54.162.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1668333537767&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YXItd29yZC1wYy0zIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjIwLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjIwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJzdGFyLnNldG4uY29tIiwidXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I%2Bv57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o%2Bt6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuWom%2BaogiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback2

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.52.82 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-52-82.compute-1.amazonaws.com

Software

Resource Hash

84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Sun, 13 Nov 2022 09:58:58 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 396ms
103ms Script
application/javascript 54.162.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1668333537777&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6Il9wb3BJbl9zdGFuZGFyZF8xQjJpbmZlZWRfcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MiwicmVxdWVzdF9hZCI6MjAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MjAsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InN0YXIuc2V0bi5jb20iLCJ1cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2IiwibG9naWQiOiJjNDQxMmNjZC05ODM4LTQ4OGUtOWYzNi1mYzE2MDUwNWY3NDAiLCJ1aWQiOiI5ZDY0NGExYmFlNGNkZDYwMmQ0MTY2ODMzMzUzNjA3MSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg0NzBmYjY0LTBiYjctNGZkZC1iZDExLWNjODAxNDNhYTI2MSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlkajnjonolLvlhajoqqrkuobvvIHolKPlrZ3lmrTjgIzmmbboj6%2Fnt4vogZ7moYjjgI3lpbPkuLvop5Lnq5%2FmmK%2FlpbnvvJrmj63plovlpJrlubTnnJ%2Fnm7giLCJ0ZF91cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2P2Zyb209eSZDbGlja0lQPTE5OC41OS4xOTEuMjQ5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJzdGFyLnNldG4uY29tIiwidGRfcGF0aCI6Ii9uZXdzLzExODE5MzYiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6Ijg0NzBmYjY0LTBiYjctNGZkZC1iZDExLWNjODAxNDNhYTI2MSIsImNvbW1vbl9jYXRlZ29yeSI6InNvY2lhbCIsImNhdGVnb3J5Ijoi5aib5qiCIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&callback=TreasureJSONPCallback3

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.52.82 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-52-82.compute-1.amazonaws.com

Software

Resource Hash

b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Sun, 13 Nov 2022 09:58:58 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET imgNewsBg.png
star.sanlih.com.tw/Content/images/ 0
0

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 254ms
254ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-version-id: null
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.44
Content-Type: image/png
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2316
Expires: Sun, 13 Nov 2022 10:58:57 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 262ms
258ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InN0YXIuc2V0bi5jb20iLCJ1cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2IiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1668333537740
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
223 B 263ms
259ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YXItd29yZC1wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoyLCJyZXF1ZXN0X2FkIjoyMCwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjoyMCwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoic3Rhci5zZXRuLmNvbSIsInVybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzYiLCJsb2dpZCI6ImM0NDEyY2NkLTk4MzgtNDg4ZS05ZjM2LWZjMTYwNTA1Zjc0MCIsInVpZCI6IjlkNjQ0YTFiYWU0Y2RkNjAyZDQxNjY4MzMzNTM2MDcxIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWRqOeOieiUu+WFqOiqquS6hu+8geiUo+WtneWatOOAjOaZtuiPr+e3i+iBnuahiOOAjeWls+S4u+inkuern+aYr+Wlue+8muaPremWi+WkmuW5tOecn+ebuCIsInRkX3VybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzY/ZnJvbT15JkNsaWNrSVA9MTk4LjU5LjE5MS4yNDkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InN0YXIuc2V0bi5jb20iLCJ0ZF9wYXRoIjoiL25ld3MvMTE4MTkzNiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNy4wLjUzMDQiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwiY29tbW9uX2NhdGVnb3J5Ijoic29jaWFsIiwiY2F0ZWdvcnkiOiLlqJvmqIIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1668333537750
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 744ms
243ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&uid=9d644a1bae4cdd602d41668333536071&type=pc_pv&nid=pc&media=star.setn.com&r5=ca_%E5%A8%9B%E6%A8%82&t=1668333537750&tz=tw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 264ms
260ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoic3Rhci5zZXRuLmNvbSIsInVybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzYiLCJsb2dpZCI6ImM0NDEyY2NkLTk4MzgtNDg4ZS05ZjM2LWZjMTYwNTA1Zjc0MCIsInVpZCI6IjlkNjQ0YTFiYWU0Y2RkNjAyZDQxNjY4MzMzNTM2MDcxIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWRqOeOieiUu+WFqOiqquS6hu+8geiUo+WtneWatOOAjOaZtuiPr+e3i+iBnuahiOOAjeWls+S4u+inkuern+aYr+Wlue+8muaPremWi+WkmuW5tOecn+ebuCIsInRkX3VybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzY/ZnJvbT15JkNsaWNrSVA9MTk4LjU5LjE5MS4yNDkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InN0YXIuc2V0bi5jb20iLCJ0ZF9wYXRoIjoiL25ld3MvMTE4MTkzNiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNy4wLjUzMDQiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwiY29tbW9uX2NhdGVnb3J5Ijoic29jaWFsIiwiY2F0ZWdvcnkiOiLlqJvmqIIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1668333537750
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1017ms
251ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I+v57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o+t6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjEzOC4xOTkuMzguMTMyIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNy4wLjUzMDQiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJrZXkiOiJrZXkxNjY4MzMzNTM2MDcxIiwibm93IjoxNjY4MzMzNTM3NzUxLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ1cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2IiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6InN0YXIuc2V0bi5jb20iLCJkaXNoX2NhdGVnb3J5Ijoi5aib5qiCIiwiZGlzaF9kb21haW4iOiJzdGFyLnNldG4uY29tIiwidl9kaXNoX2xhYmVscyI6Iue3i+iBniznr4Dnm64s5aib5qiC5Lit5b+DLOiQrOWuiSznlbblubQs5ZCI5oiQ5ZyWLOmXnOmNteWtlyzlgJnpgbjkuros5Y+w5YyX5biCLOS7iuaXpSzlp5PlkI0s5Lit5ZyLLOWwj+WnkCzniLbopqos5YWn5bmVLOeiuuiqjSzooajnpLos5pma6ZaTLOWFrOS9iCzlhqDou40s5pma5LiKLOS4lue0gCzpo6/lupcs6LGq6ZaALOeMm+aUuyzov5Hml6Us5auB5YWlLOizh+a3sSzlvJXnmbws5pKt5Ye6LOebruWJjSzouqvku70s5ZCN5Zi0LOaMh+WHuizntrLlj4ss5pel5YmNLOaPkOWHuizmlrDogZ4s5LqL5Lu2LOS6uuS6uizouqvliIYs5YyF5ousLOWQjeWtlyzpoJDlkYos5Yqg56K8LOmomeWxgCzlparlvpcs5Zau6LqrLOmBuOaLlCzniIblh7os5pS55aeTLOWqkumrlCzorYnmk5os5LuK5aSpLOeIhuaWmSzloLHlsI4iLCJ2X2Rpc2hfdGxhYmVscyI6IuWls+S4u+inkizolKPlrZ3lmrQs5pm26I+v57eL6IGe5qGILOaPremWiyIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRvbWFpbiI6InN0YXIuc2V0bi5jb20iLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 493ms
244ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&uid=&type=pc_channel_pv&nid=pc&media=star.setn.com&r5=ca_%E5%A8%9B%E6%A8%82|ch_star-word-pc&t=1668333537758&tz=tw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 264ms
261ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFyLXdvcmQtcGMiLCJleHBlY3RlZF9hZCI6MSwicmVuZGVyZWRfYWQiOjEsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoic3Rhci5zZXRuLmNvbSIsInVybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzYiLCJsb2dpZCI6ImM0NDEyY2NkLTk4MzgtNDg4ZS05ZjM2LWZjMTYwNTA1Zjc0MCIsInVpZCI6IjlkNjQ0YTFiYWU0Y2RkNjAyZDQxNjY4MzMzNTM2MDcxIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWRqOeOieiUu+WFqOiqquS6hu+8geiUo+WtneWatOOAjOaZtuiPr+e3i+iBnuahiOOAjeWls+S4u+inkuern+aYr+Wlue+8muaPremWi+WkmuW5tOecn+ebuCIsInRkX3VybCI6Imh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzY/ZnJvbT15JkNsaWNrSVA9MTk4LjU5LjE5MS4yNDkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InN0YXIuc2V0bi5jb20iLCJ0ZF9wYXRoIjoiL25ld3MvMTE4MTkzNiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNy4wLjUzMDQiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODQ3MGZiNjQtMGJiNy00ZmRkLWJkMTEtY2M4MDE0M2FhMjYxIiwiY29tbW9uX2NhdGVnb3J5Ijoic29jaWFsIiwiY2F0ZWdvcnkiOiLlqJvmqIIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1668333537758
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
223 B 264ms
261ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YXItd29yZC1wYy0yIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjIwLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjIwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJzdGFyLnNldG4uY29tIiwidXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I+v57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o+t6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuWom+aogiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1668333537762
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 388ms
244ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&uid=&type=pc_channel_pv&nid=pc&media=star.setn.com&r5=ca_%E5%A8%9B%E6%A8%82|ch_star-word-pc-2&t=1668333537764&tz=tw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 264ms
262ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFyLXdvcmQtcGMtMiIsImV4cGVjdGVkX2FkIjoxLCJyZW5kZXJlZF9hZCI6MSwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJzdGFyLnNldG4uY29tIiwidXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I+v57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o+t6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuWom+aogiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1668333537764
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
223 B 265ms
262ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YXItd29yZC1wYy0zIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjIwLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjIwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJzdGFyLnNldG4uY29tIiwidXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I+v57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o+t6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuWom+aogiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1668333537768
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 374ms
245ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&uid=&type=pc_channel_pv&nid=pc&media=star.setn.com&r5=ca_%E5%A8%9B%E6%A8%82|ch_star-word-pc-3&t=1668333537771&tz=tw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 265ms
263ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFyLXdvcmQtcGMtMyIsImV4cGVjdGVkX2FkIjoxLCJyZW5kZXJlZF9hZCI6MSwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJzdGFyLnNldG4uY29tIiwidXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNiIsImxvZ2lkIjoiYzQ0MTJjY2QtOTgzOC00ODhlLTlmMzYtZmMxNjA1MDVmNzQwIiwidWlkIjoiOWQ2NDRhMWJhZTRjZGQ2MDJkNDE2NjgzMzM1MzYwNzEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5ZGo546J6JS75YWo6Kqq5LqG77yB6JSj5a2d5Zq044CM5pm26I+v57eL6IGe5qGI44CN5aWz5Li76KeS56uf5piv5aW577ya5o+t6ZaL5aSa5bm055yf55u4IiwidGRfdXJsIjoiaHR0cHM6Ly9zdGFyLnNldG4uY29tL25ld3MvMTE4MTkzNj9mcm9tPXkmQ2xpY2tJUD0xOTguNTkuMTkxLjI0OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoic3Rhci5zZXRuLmNvbSIsInRkX3BhdGgiOiIvbmV3cy8xMTgxOTM2IiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4NDcwZmI2NC0wYmI3LTRmZGQtYmQxMS1jYzgwMTQzYWEyNjEiLCJjb21tb25fY2F0ZWdvcnkiOiJzb2NpYWwiLCJjYXRlZ29yeSI6IuWom+aogiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1668333537771
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
223 B 266ms
264ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6Il9wb3BJbl9zdGFuZGFyZF8xQjJpbmZlZWRfcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MiwicmVxdWVzdF9hZCI6MjAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MjAsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InN0YXIuc2V0bi5jb20iLCJ1cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2IiwibG9naWQiOiJjNDQxMmNjZC05ODM4LTQ4OGUtOWYzNi1mYzE2MDUwNWY3NDAiLCJ1aWQiOiI5ZDY0NGExYmFlNGNkZDYwMmQ0MTY2ODMzMzUzNjA3MSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg0NzBmYjY0LTBiYjctNGZkZC1iZDExLWNjODAxNDNhYTI2MSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlkajnjonolLvlhajoqqrkuobvvIHolKPlrZ3lmrTjgIzmmbboj6/nt4vogZ7moYjjgI3lpbPkuLvop5Lnq5/mmK/lpbnvvJrmj63plovlpJrlubTnnJ/nm7giLCJ0ZF91cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2P2Zyb209eSZDbGlja0lQPTE5OC41OS4xOTEuMjQ5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJzdGFyLnNldG4uY29tIiwidGRfcGF0aCI6Ii9uZXdzLzExODE5MzYiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDcuMC41MzA0IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg0NzBmYjY0LTBiYjctNGZkZC1iZDExLWNjODAxNDNhYTI2MSIsImNvbW1vbl9jYXRlZ29yeSI6InNvY2lhbCIsImNhdGVnb3J5Ijoi5aib5qiCIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1668333537781
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 375ms
246ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&uid=&type=pc_channel_pv&nid=pc&media=star.setn.com&r5=ca_%E5%A8%9B%E6%A8%82|ch__popIn_standard_1B2infeed_pc&t=1668333537792&tz=tw
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 519ms
517ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJfcG9wSW5fc3RhbmRhcmRfMUIyaW5mZWVkX3BjIiwiZXhwZWN0ZWRfYWQiOjQsInJlbmRlcmVkX2FkIjo0LCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InN0YXIuc2V0bi5jb20iLCJ1cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2IiwibG9naWQiOiJjNDQxMmNjZC05ODM4LTQ4OGUtOWYzNi1mYzE2MDUwNWY3NDAiLCJ1aWQiOiI5ZDY0NGExYmFlNGNkZDYwMmQ0MTY2ODMzMzUzNjA3MSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg0NzBmYjY0LTBiYjctNGZkZC1iZDExLWNjODAxNDNhYTI2MSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlkajnjonolLvlhajoqqrkuobvvIHolKPlrZ3lmrTjgIzmmbboj6/nt4vogZ7moYjjgI3lpbPkuLvop5Lnq5/mmK/lpbnvvJrmj63plovlpJrlubTnnJ/nm7giLCJ0ZF91cmwiOiJodHRwczovL3N0YXIuc2V0bi5jb20vbmV3cy8xMTgxOTM2P2Zyb209eSZDbGlja0lQPTE5OC41OS4xOTEuMjQ5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJzdGFyLnNldG4uY29tIiwidGRfcGF0aCI6Ii9uZXdzLzExODE5MzYiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDcuMC41MzA0IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg0NzBmYjY0LTBiYjctNGZkZC1iZDExLWNjODAxNDNhYTI2MSIsImNvbW1vbl9jYXRlZ29yeSI6InNvY2lhbCIsImNhdGVnb3J5Ijoi5aib5qiCIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1668333537792
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 365ms
245ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=9d644a1bae4cdd602d41668333536071&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&t=1668333537793
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2818 42 B
64 B 57ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJAXhe4jZXETk0ez325gbUitAfdjVqmwpnAf1NoCOwn5Pb935fa1AZRSx6-uXDf54p0xOPDvJmOWteiBsDT2ZAFXuPY8-AypsSr1MUlqNcRA5mwNgt&sig=Cg0ArKJSzOHtnvOZWGWfEAE&id=lidar2&mcvt=1256&p=0,1415,500,1535&mtos=1256,1256,1256,1256,1256&tos=1256,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2484978038&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668333536169&rpt=377&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 38BE 42 B
64 B 55ms
42ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOrkWEl74OlQeP_yOKjB2aLe0fC_P9WQ-gSX8rRojrPiMctt_avO4XJSOPopl082X9R_mSzGonpGUg6sojl3g2FTHxpYHuuGWhSUPBz-FXabwRipku&sig=Cg0ArKJSzNa6ty5gRP7VEAE&id=lidar2&mcvt=1258&p=0,65,500,185&mtos=1258,1258,1258,1258,1258&tos=1258,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3900048914&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668333536159&rpt=369&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A64B 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/z6ByMJj0Vtvz/ Frame E67F 35 B
109 B 775ms
243ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/z6ByMJj0Vtvz/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHCAIoA2AnAGoBaAmgBoAsOIATsQCOAV2IBnClXh8ATAFEAUoQDSANgC2qgGZ8A1gA8AnjIBWvASPEVSEdcTgBGVaoAcAZg8BWN6q6rPuGIA9sJ8YPbwDg4uDgw%2BvHakABZBMJGoDui8YEkAhgB2%2BcR01ACCUGLkQfl0huSkxPoUAAoAwqjlYryNAA4QAmkgAMrC%2BQAEAHJBAG5jDm5jMggyMmMIDLCeLpuqYwDiALIAKgDUWLihENRJpKQ9YrAA9I8SuXyoYmT5qGBB6o9FPBiR5RGJxVQAfh0fwAvIYAGStOgQMC6ACSzRhsRcqE8DAyDEyMi4DF4EHy02I%2BVIQT4dSkIAcMgA7AwXAAfejMdjcXg00i5OjkHq5EiOXAisWwByBCAALwiMpAYjoQVI4v4BV0cAQuAgDXU5DAuXV8EA2FqAICteCR8lBiHxqAAxXgAI36yUMxDe1FizhAAF8gA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/Ql9VZYX4/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_Ql9VZYX4_2o2jvAoe&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=860&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

GET
DATA 200
OK truncated
/ Frame 49EF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da9d76b9ac85c4c82d35392dfb854c4b2ee6235dc98097afb6bf7f0d23572cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK a9d2a9ff130a09d6d108b0dffd8e33a56d2bb.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/7a9/ Frame AABD 32 KB
32 KB 83ms
82ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/7a9/a9d2a9ff130a09d6d108b0dffd8e33a56d2bb.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: c487489a1eb7708de8884b07b2137b932f45ff48fac207b06e19c6907ba630bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _qDL0yVx4P6XCwQzuzeQAUAGfTDqEFms
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 3QP45P9EDND5R2B0
Connection: keep-alive
Content-Length: 32574
x-amz-id-2: riZ434JbnY9QYMVOkn5WrItL236qjbwkTDzjZIcrxajA3Lp1K9yACCBODsPHa8kRDitz2+yzeqM=
Last-Modified: Sun, 13 Nov 2022 03:05:09 GMT
Server: nginx/1.20.0
ETag: "c447239b8cb68b2389c1872cafb0570f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 96d0e9f429f8834e2cda848d10c54f181f94a.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/5f7/ Frame AABD 28 KB
28 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/5f7/96d0e9f429f8834e2cda848d10c54f181f94a.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 29312e777fc4b6c653c6934c9c2092a8ef284e00fc520e19de40258a057e755c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Ky9vdST9IpqC8pfEM86vURh1MeAzWJan
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 0WPN25XG4E20FAAM
Connection: keep-alive
Content-Length: 28485
x-amz-id-2: DUUK+xDn7g5EKtgJhSONMS5D+7w+ZvIH7tyiqqLwiAOluPeaoPeban4Dwvb+iIFkcRVkotZUowA=
Last-Modified: Sun, 13 Nov 2022 00:35:14 GMT
Server: nginx/1.20.0
ETag: "e9d76ab0404bea6c1607e3c8cf95226d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 14dc80ddae487e0eb6e56b0c1eee4f3374504.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/1ee/ Frame AABD 48 KB
49 KB 10ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/1ee/14dc80ddae487e0eb6e56b0c1eee4f3374504.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: f1236964460718b16aa3ff2ba1edf25c8ec519e956fcd80bb2ef8fd33d313dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: b.juf28zOkJtcrUSFAQlTYD4SkRDTD1c
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: VQ1AR53X37JX4JF9
Connection: keep-alive
Content-Length: 49519
x-amz-id-2: fwOJjJwDGhasrSYf73OIas9KCmYeLG9/RI/UqeXl5ucTFo5qSun2fg6gyU+Mvg02bJ6uNwZmjOE=
Last-Modified: Fri, 11 Nov 2022 03:27:59 GMT
Server: nginx/1.20.0
ETag: "80ad5c1eed546f5529b2f9d7636d89ae"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK d4a3a5016231de3b5664927524c1bd49a2cc0.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/aed/ Frame AABD 30 KB
30 KB 10ms
9ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/aed/d4a3a5016231de3b5664927524c1bd49a2cc0.jpeg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: cba59ba38105976d6e016b056d87565a3fde5ec976726d50ea9ac3bbadfecee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: p58Jk4xJRUoBNQ9OHliHv09724mDkCKu
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 3E1X65J6HBFPX09S
Connection: keep-alive
Content-Length: 30526
x-amz-id-2: ibPbrRBozrtTRM7lg0njRdQJvoKFnwFPeF4QxIzHSv8Sp/XjnqBSlDyLe5wq88n7AM9G2A7MDfo=
Last-Modified: Sun, 13 Nov 2022 04:57:25 GMT
Server: nginx/1.20.0
ETag: "7831b360a866ac5f5889a5481116b3f8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK d6c63c55cf052ef2202a658b74fa0930dbe5e.jpeg
images.dable.io/thumbnail/attach.setn.com/600X375/a52/ Frame AABD 25 KB
26 KB 9ms
8ms Image
image/jpeg 23.205.242.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/attach.setn.com/600X375/a52/d6c63c55cf052ef2202a658b74fa0930dbe5e.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-242-120.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: bdddf2b353b67971f4c2395b6bf19e8b919b8ea16fd72ec30d4e173233893c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: FZdilv7VO4hdauO8xLiQhlwbUWuOMq4z
Date: Sun, 13 Nov 2022 09:58:57 GMT
x-amz-request-id: 9FZK6SV2S4A24QVS
Connection: keep-alive
Content-Length: 25766
x-amz-id-2: eCV23cklrv6OxpzJg+a0/7l1fi+pVpsK4/6i59mbxTBC4Z1Oa9OG6KUQSfVz9HOxMRJE7CmBK7s=
Last-Modified: Thu, 10 Nov 2022 07:43:48 GMT
Server: nginx/1.20.0
ETag: "c4aae12e261e2dec23af220c2e02adc3"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D139 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
2 KB 17ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 1 KB
2 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 617 B
874 B 19ms
18ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1b130abb9f803a330d2995975d403ed0b6ec0bce34f4028bf4ba61c1ca269a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 617
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
2 KB 18ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 13 Nov 2022 09:58:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
3 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 11 KB
11 KB 17ms
17ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29706281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10911
expires: Mon, 23 Oct 2023 05:43:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
2 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoAKKA-GmbH-Co-KGaA-59067DE.gif%3Feb%3D1&v=3&w=400&s=i2ni9rTRSIHCfm6b7UIKmRV_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

57549ec703978f56ade3a8f4892ab24cdd4c9e65ae886de5e70e3551fb2e1051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2323492
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1956
expires: Sat, 10 Dec 2022 07:23:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D139 0
127 B 18ms
18ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2SNfKNdP54n_9EJNPTx1I0VSmdKGOfXTBRxiDfeB_4W8FviqiV0_6ZB0p_hs1dLZX5hdR26SUUNgJWNOe1C0CjcaSYLjxWV33LDD7dk7_wc74cw-Ljdd7JqJ4JxdzSXIfCPU9WwGYBggnopTbktIkbQ-nXbfIG_JoNfMoPRWbtlPlCqX_NbxNp7nqB9Lr6r5B1YMMFbHjeggsTlC28lUA5nA7Fnw77PUomH708VZifrb5cWpZUYzwhD89sP2wdDKJgUBEQ&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D139 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D139 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:57 GMT

GET
DATA 200
OK truncated
/ Frame F496 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3893e9aa5bce8611f5968e7b53a247f0314154a3e6ab6096669f08a61a0b20c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9278 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce42f96cb9bf968a920997e89a8df8ca6830d07542a069228600c6f768c19405

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request.php Show response
hal900021.redintelligence.net/ Frame 7984 613 B
774 B 87ms
48ms Script
application/x-javascript 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=9jva1sfkle8t&nw=20&renderingType=javascript&namespace=2575fb7d99&subid=&uid=82c18f54f1941fa0&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DOGrU2ehfWzj0dYooaetp-A%26exch_seat%3D20035004448%26mt_aid%3D7508491101934025004%26mt_id%3D11050095%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_cid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%2526client%253Dca-pub-7415831428202174%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4857736671385&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/9jva1sfkle8t?subid=&gdpr=1&gdpr_consent=li&rnd=7508491101934025004&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DOGrU2ehfWzj0dYooaetp-A%26exch_seat%3D20035004448%26mt_aid%3D7508491101934025004%26mt_id%3D11050095%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_cid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%2526client%253Dca-pub-7415831428202174%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 925b14e459bf823ab902345915a7a9d44aa56817f46b2bf2a61a20f9246b7bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 09:58:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 33262200042146105671049012142021
Connection: close
Content-Length: 331
Expires: Sun, 13 Nov 2022 09:58:58 +0100

GET
H2 200 impression
r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/ Frame 7478 35 B
141 B 236ms
235ms Image
image/gif 52.78.160.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/impression?source=1181936&pick=&rm=50.1.1&cm=0.0.0&channel=secret.group1&reco_type=hot-items&cid=00000000.0000000000000&widget_id=w7WPZ4l2&request_id=oZvDAE0ExHDVNyWV&reco_list_lz=NobwRAlgJmBcYEYBMAGA7AZgGwA4wBowBbAUwBcALAexngFYUA6BZsAX33GjkVTSQR5CpSjR4NmrDl1q90GOgE4CxctVkSWCdp0izk6FCgwqR68Uy06ZPA-zppTasfUtTd3eHYHbhzjW7a0nq2qFgALAhYTqIBkkEe%2BnwYSHQx5q7x1iFefEio6S5gmu42uehIiml%2BsRZZwZ5ymAU1GcWB2Y12CHS%2BqrWZVg1J8ggohXFDiaEoERjKrUUlCWVN89X9bcudI3R0GH1mSx3DMxF00YuTUgC6QA&gdpr=1&lazyload=0&pre_expose=1&uri=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.160.161 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-160-161.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/oZvkx5QnxCvg/ Frame 7478 35 B
109 B 849ms
475ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/oZvkx5QnxCvg/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHPgOwDqACgFoAsANgEw4gBOxAjgFdiAZwpV4AeyYA3ACIBBAKIIlADwAScgGoA5AJ51t3PkNEVSEALbE4ARgBsDgBwBmdwFZXDuyxq4RSUEeMFt4OztnOwBOb24bUgALSRhw1Dt0bjBEgEMAOzziNmoRYjA%2BUlRCHiCABztuYjVaiD5UkABlQTyAAl1JGR67Vx6OBA4OHoRo2A9nWYcegHEAWQAVAGosXGCIakTSUlqRWAB6U7EcnlRS0jzUMEkrU8K8EVOIqNiHAH4AMxqVgAvPoAGQAYTYEDAAGsAJIMIExZyoDzRdLRDIcFjRbgQPIyYh5UiSHj6SjtOwcGjRZwAHzw9GY7C4uBJpBybHItRyJDgrlwPL5sDsAQgAC8whwAmxJKR7LgePkYXAELgIKRiFZyGAcvL4IBsLUAQFbcEh5KDEHjUABi3AARq0kvpiFdqDEnPaUuS2ETCEk4DiOABfIA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/r2Eo5MokVc3E/contents/z6ByMJj0Vtvz/ Frame 7478 35 B
110 B 616ms
242ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/r2Eo5MokVc3E/contents/z6ByMJj0Vtvz/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHPgOwDqACgFoAsANgEw4gBOxAjgFdiAZwpV4AeyYA3ACIBBAKIIlADwAScgGoA5AJ51t3PkNEVSEALbE4ARgBsDgBwBmdwFZXDuyxq4RSUEeMFt4OztnOwBOb24bUgALSRhw1Dt0bjBEgEMAOzziNmoRYjA%2BUlRCHiCABztuYjVaiD5UkABlQTyAAl1JGR67Vx6OBA4OHoRo2A9nWYcegHEAWQAVAGosXGCIakTSUlqRWAB6U7EcnlRS0jzUMEkrU8K8EVOIqNiHAH4AMxqVgAvPoAGQAYTYEDAAGsAJIMIExZyoDzRdLRDIcFjRbgQPIyYh5UiSHj6SjtOwcGjRZwAHzw9GY7C4uBJpBybHItRyJDgrlwPL5sDsAQgAC8whwAmxJKQ4NLePkYfZcBBSMQrOQwDl5fBANhagCArbgkPJQYg8agAMW4ACNWkl9MQrtQYk47SlyWwiYQknAcRwAL5AA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/w7WPZ4l2/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_w7WPZ4l2&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=888&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

GET
DATA 200
OK truncated
/ Frame 29ED 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99db8acc14f8b55c52b511b5109abd6eb1078a30d1e36a6ee171dc03d8a454a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D7EF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a34057c8093dabed3b2b8939de29d752b473cdff22c316ee5a0df0159e71257

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 255ms
255ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:58 GMT
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Sun, 13 Nov 2022 10:58:58 GMT

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 662ms
180ms Fetch
application/json 45.79.126.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=&page=star.setn.com/news/1181936
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.126.27 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 45-79-126-27.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:58 GMT
Keep-Alive: timeout=5
X-Powered-By: Express
Content-Length: 45
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 9B1C 6 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6834
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6834 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:58 GMT
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2442

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 1 KB
2 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 2 KB
2 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 03BC 2 KB
3 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 2 KB
2 KB 19ms
19ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 2 KB
3 KB 20ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FE76 1 KB
2 KB 20ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H/1.1 200
OK videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 1 KB
2 KB 94ms
18ms XHR
text/plain 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&headm=3&rn=1&rbuf=0&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ae12aca37d0fe439ac829289f9ac0f67bad39144096d71ad9557ebaecbc29041

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:58 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Walltime-Ms: 1668333538229
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1241
Pragma: no-cache
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 80 KB
81 KB 696ms
620ms XHR
audio/mp4 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbrMuplEXZljDkKKuN4VWOPg8OsedV3M1E3AJV7TM6U8CIGO3c6AeOwP2GFszb8-B9EKmYstd3Lz_Nqv-9jwasGCL&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&headm=3&rn=2&rbuf=0&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d48f7ae16d6fe330590cd19e5b81ec1ba0696a0eccb1f569348776ca092f268a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Bandwidth-Est: 1026032
X-Sequence-Num: 3190
Date: Sun, 13 Nov 2022 09:58:58 GMT
X-Content-Type-Options: nosniff
X-Segment-Lmt: 1668317572032718
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-Bandwidth-Est2: 290614
Connection: keep-alive
X-Walltime-Ms: 1668333538832
X-Head-Time-Millis: 15965001
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pragma: no-cache
X-Bandwidth-Est-Comp: 290614
Last-Modified: Sun, 13 Nov 2022 05:32:52 GMT
X-Bandwidth-App-Limited: false
Server: gvs 1.0
Vary: Origin
Content-Type: audio/mp4
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 15965
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
X-Bandwidth-Est3: 960026
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 3193
Timing-Allow-Origin: https://www.youtube.com
X-Bandwidth-Est-App-Limited: false
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jJSnrZfMCOM6ri36PtfGpD9Mr8GMCfzNd864HuUs_nlYKSsxulY3A0B3hAeAMvynXI_9JlkCFw=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C662 4 KB
4 KB 25ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/jJSnrZfMCOM6ri36PtfGpD9Mr8GMCfzNd864HuUs_nlYKSsxulY3A0B3hAeAMvynXI_9JlkCFw=s88-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aee34d055ee5c2d7065887c8e64448ccc3526b9f0d9ee9f5cc67c91faabc6e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 08:00:57 GMT
x-content-type-options: nosniff
age: 7081
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3712
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Nov 2022 11:50:58 GMT

GET
H3 200 featured_channel.jpg
i.ytimg.com/an/IU8ha-NHmLjtUwU7dFiXUA/ Frame C662 4 KB
4 KB 22ms
7ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/IU8ha-NHmLjtUwU7dFiXUA/featured_channel.jpg?v=5c62a8d1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe02b36097b5d7d98b5db99f4efd4baeb9aeb9761419213a6808d4f7c742d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 08:04:49 GMT
x-content-type-options: nosniff
age: 6849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3930
x-xss-protection: 0
server: sffe
etag: "1549969617"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 13 Nov 2022 10:04:49 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 80DC 495 B
664 B 239ms
237ms Document
text/html 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4293419
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sun, 13 Nov 2022 09:58:58 GMT
etag: "636e6da0-1ef"
last-modified: Fri, 11 Nov 2022 15:43:28 GMT
server: nginx

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 09E5 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 11 KB
11 KB 21ms
18ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29706281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10911
expires: Mon, 23 Oct 2023 05:43:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 1 KB
2 KB 18ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 2 KB
3 KB 19ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 617 B
874 B 18ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1b130abb9f803a330d2995975d403ed0b6ec0bce34f4028bf4ba61c1ca269a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 617
expires: Sun, 13 Nov 2022 09:58:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 2 KB
2 KB 20ms
19ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 13 Nov 2022 09:58:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 2 KB
2 KB 19ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 2 KB
2 KB 20ms
19ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1530
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1732
expires: Sun, 13 Nov 2022 10:24:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 1 KB
1 KB 18ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSanvartis-GmbH-54870DE.gif%3Feb%3D1&v=3&w=400&s=oiIdeZ1ccOnXujIdVbsZhbAN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3cf7b16b49bcc0b942a9ffda4b28d1193fc68d6617612707faeb9d4ecf336df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1569004
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1244
expires: Thu, 01 Dec 2022 13:49:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 2 KB
2 KB 17ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoBusinessBike-GmbH-201615DE-2204291512.gif%3Feb%3D1&v=3&w=400&s=SL-WtTb4kwgwakF7HBG2dEv0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

035a8ef68019f57ee6606334a3c4d6f7d5ba3ac8082c39d02fa9b2612d3fbbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2088
expires: Sun, 13 Nov 2022 09:58:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 09E5 824 B
1 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2Flogoforsa-GmbH-106079DE.gif%3Feb%3D1&v=3&w=400&s=SWE6M4UNbOZ85LqWAXorsR09&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

99db7c45413b65d885b0ed8ee9b5adcb77066510eeb758cf53c6fdd1f07c0eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2502369
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 824
expires: Mon, 12 Dec 2022 09:05:07 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 09E5 0
127 B 18ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=kEEJ19dP54n_9EJNdhwTN4WOww1lEaulYl6j5lwY0f-H1NBSa1t3YQUC47kqkpKjcEqdB51OWdAnrlcaLkDnp1JpLljmE0Uo_3x_DDSWV17Pv-MrQO3yaevRGvH4IEjS2EpEk38fVR6WmbeRxiStAxf8fGvdH4fe2mXRj7Q9hyARAySd7N3ehNCaDDyeil1kqLfu9FE2N9UjbJo_JWilF23Q2lwSdsxnqI_iAlivgLvolsCP5zbpCS2-9BS5GmkuiSvDyg&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 09E5 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:58 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 09E5 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 09:58:58 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=waterfall.fallStart&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=8113576347691378
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK x9u8j.js Show response
geo.dailymotion.com/libs/player/ 31 KB
13 KB 159ms
43ms Script
application/javascript 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

9aa8beda20bfad4c81e6a927e921a5ea9cc99e5a9980b0a9d35a2b31c181cbb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Sun, 13 Nov 2022 09:58:58 GMT
Server: DMS/1.0.42
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=20, dc;desc="dc3"
Timing-Allow-Origin: *
Content-Length: 12104

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 120E 690 KB
221 KB 24ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 09:58:58 GMT

GET
H2 200 1000253 Show response
onead.onevision.com.tw/gos/vast/ 175 B
747 B 426ms
306ms Fetch
text/xml 107.178.241.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onead.onevision.com.tw/gos/vast/1000253?play_mode=desktop-pre-roll&web_location=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 176.241.178.107.bc.googleusercontent.com
Software: gws / OneAD
Resource Hash: 7f7c32ec00c404a060c4ef6492977f9baf64aad6e2c2ebcc439aec8f7099090a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
via: 1.1 google
age: 0
x-powered-by: OneAD
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-hit-counter: 1
x-onead-backend: onead-http-query-jzd7-gohttp
content-length: 175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: gws
x-onead-guid: cad1c350-6339-11ed-974d-0242ac130002
content-type: text/xml
x-varnish: 5260971
access-control-allow-origin: https://star.setn.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-onead-force-backend: true
x-onead-version: 1009c7b8
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 271ms
271ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=66974&aup=onead_female_standard&auo=1&aut=api&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=6761401034061814
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
2 KB 16ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=479175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 1 KB
2 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=425761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1402
expires: Fri, 18 Nov 2022 08:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
3 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2053802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2362
expires: Wed, 07 Dec 2022 04:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 2 KB
2 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 13 Nov 2022 09:58:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 617 B
874 B 16ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1b130abb9f803a330d2995975d403ed0b6ec0bce34f4028bf4ba61c1ca269a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 617
expires: Sun, 13 Nov 2022 09:58:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D139 11 KB
11 KB 17ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29706281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10911
expires: Mon, 23 Oct 2023 05:43:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8094 42 B
64 B 44ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBQvMzdRGCeVr-aJ5t3auxJuRUFRj-xyjdy8-9W3DWcP0OECPNLcrOT58lVIp0o7jc7BLp0Ev5UMddsJ1l1mHI59cL&sig=Cg0ArKJSzCn5R1eppXX_EAE&id=lidar2&mcvt=1173&p=0,200,500,1400&mtos=1173,1173,1173,1173,1173&tos=1173,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1079254606&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668333536180&rpt=902&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6A1D 0
127 B 19ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 1 KB
1 KB 31ms
14ms XHR
text/plain 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&headm=3&rn=3&rbuf=0&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c9309ac6fb71d95263e9a4f5399611f2bce2de789491cb668cf93f6df89d6d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 13 Nov 2022 09:58:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-walltime-ms: 1668333538369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
pragma: no-cache
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impression
r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/ Frame 9221 35 B
141 B 236ms
235ms Image
image/gif 52.78.160.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/impression?source=1181936&pick=&rm=50.1.1&cm=0.0.0&channel=ads_only_1x3_mo.Test_Opti&reco_type=hot-items&cid=00000000.0000000000000&widget_id=3706DvXx&request_id=gpxr7vGv3cPzKLZ9&reco_list_lz=NobwRAlgJmBcYEYBMAGA7AgLADjAGjAFsBTAFwAsB7GeAVhQDoEmwBfPcaORVNAZgBsuAiQrVu9Ji3acaPdEgTCiZKnMnMEbDpDnJ0KFH3wqx6xpu2zu%2BtElpoTotRIvSdXeLcVaRq8XRuWjK6NqgCmAgCTv7mUsEeerx89jFmrvFWoV68SKhpLoGZIZ7ydgCctAUBYBru1jnoKSjVcZYlSegItL6mhbVBWaW2fAgtfulF7YlhKBF85a0Z7QC6QA&gdpr=1&lazyload=0&pre_expose=1&uri=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.160.161 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-160-161.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/oZvkx5QnxCvg/ Frame 9221 35 B
109 B 283ms
246ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/oZvkx5QnxCvg/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHCAMwDsCAbACIBuAGgB44gBOxARwCuxAM4Uq8QgAdOvOqwDirGmAAKALwDSAGQBaATh79hYiqQgBbYnACMjRgA4aLgKw1GAJgAsCXKIB7IV4wG3hbW0dbAw8ea1IACwCYcNRbdB4wBIBDADtc4gAbamyoUXIA3MKAT3JbThpySwDUABUzcgB5aQseYk5pCH4UkABlIVyAAgA5ANZJ2xpJzwRPT0mEA1hXR23GScUAWVaAaixcYIhqBNJSaVFYAHpH8WzeVFEyXNQwAMtHgp4USPCJRGKMAD8ADNeH8ALzVABkAGFChAwABrACSajh0UcqFcBjSBnSPiMuAguVYxFypACvFqkhAtk8dAMjgAPvQmGwuDx6aRsoVyNJsiQ4DRcGKJbBbP4IBowlKQKJCgFSHZcLw8hi4H4QBBSMRLOQwNlNfBANhagCArHgkXJQYi8agAMR4ACMholqsQ3tRog5PclaoVaYREnBvAZPABfIA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/r2Eo5MokVc3E/contents/pZRlxXBgLsKv/ Frame 9221 35 B
109 B 282ms
244ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/r2Eo5MokVc3E/contents/pZRlxXBgLsKv/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHCAMwDsCAbACIBuAGgB44gBOxARwCuxAM4Uq8QgAdOvOqwDirGmAAKALwDSAGQBaATh79hYiqQgBbYnACMjRgA4aLgKw1GAJgAsCXKIB7IV4wG3hbW0dbAw8ea1IACwCYcNRbdB4wBIBDADtc4gAbamyoUXIA3MKAT3JbThpySwDUABUzcgB5aQseYk5pCH4UkABlIVyAAgA5ANZJ2xpJzwRPT0mEA1hXR23GScUAWVaAaixcYIhqBNJSaVFYAHpH8WzeVFEyXNQwAMtHgp4USPCJRGKMAD8ADNeH8ALzVABkAGFChAwABrACSajh0UcqFcBjSBnSPiMuAguVYxFypACvFqkhAtk8dAMjgAPvQmGwuDx6aRsoVyNJsiQ4DRcGKJbBbP4IBowlKQKJCgFSHBPLheHkMXZKaRiJZyGBspr4IBsLUAQFY8Ei5KDEXjUABiPAARkNEtViG9qNEHB7krVCrTCIk4N4DJ4AL5AA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3706DvXx/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_3706DvXx&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C662 28 B
52 B 21ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668333538353
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536034&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame C4BD 7 KB
3 KB 36ms
13ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=33262200042146105671049012142021&a=149f816d
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=9jva1sfkle8t&nw=20&renderingType=javascript&namespace=2575fb7d99&subid=&uid=82c18f54f1941fa0&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DOGrU2ehfWzj0dYooaetp-A%26exch_seat%3D20035004448%26mt_aid%3D7508491101934025004%26mt_id%3D11050095%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_cid%3D1b3e6370-bfe1-4501-a1c5-43d0490ea376%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiGGl4L9wY5nFBoOs9u8PwpG_-AvPh46bXMCG2YLGAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi03NDE1ODMxNDI4MjAyMTc0yAEJ4AIAqAMBqgSoAk_Q6wbdYGXWxUaqrpoixz-2_tV_YQ3dakwAsgxObXcb1MOM_wiOqrWY6MB4RVpbTahUCxwhPoRT1LHIQ6aZlhrBXxKspWbhTFGqqYq61ffOcMeNrE01g_cfiDAVuK6ENAwqgzPRMODhe6KG92_6AG6gaiMsOBHkHQCcY6kmEwDC1T2Rv3tEQcmzU0K74RU3UNmD1W0_b0ZZ4V5o2KAzRG6giOG6dGbdSAw__HhEvJ3VvhYiT6O75gW5EYMlecfx-1-CDXSuTVXkTYXpXGlV19pjOI7JRdXBRp84-pFyvXpjd9Ot5-zAVAxosPijvCOAjy9qPenGEVaAf1yy-v61OLMIyYRQLFohlrBt7dms-X3WzHThB9e6yhaYXqOrq7a6CPPYi5R_GvV44AQBgAb4r-DGksippccBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1y-dhJgvbM8cnOHjqLUcCncnikqQ%2526client%253Dca-pub-7415831428202174%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4857736671385&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: cef713f5a115bb5ee9a8b4234f7fa85a707406dcba91781dfecb5ae878584be5

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2284
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 09:58:58 GMT
Expires: Sun, 13 Nov 2022 09:58:58 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7984 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3bcedac036a73da7e08fac585a9a382ae54bdc9272c4afa7cbde70c75098475

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame C4BD 89 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=33262200042146105671049012142021&a=149f816d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 00:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 00:54:24 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame C4BD 732 B
926 B 104ms
22ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59299047;click=https://hal900021.redintelligence.net/c/p9oq0affbwqulve?tprd=

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=33262200042146105671049012142021&a=149f816d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7d4d049153a4ed271dbe3417882ab5730308f8feb78496fae5f48f7267b7de74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 532
expires: -1

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 132ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?oz_pl=1&pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//star.setn.com/news/1181936&ui=d77f3a0a-0000-0000-0000-000000000000&ap=&ti=7508491101934025004&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&sr=4&de=43003&si=1239870914&dm=300x250&ac=1230238&cr=11050095&ai=215543&c1=12460949&r1=2a02:6ea0:c71b::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:58 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.81.0/ Frame 7984 168 KB
53 KB 31ms
31ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.81.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//star.setn.com/news/1181936&ui=d77f3a0a-0000-0000-0000-000000000000&ap=&ti=7508491101934025004&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&sr=4&de=43003&si=1239870914&dm=300x250&ac=1230238&cr=11050095&ai=215543&c1=12460949&r1=2a02:6ea0:c71b::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6afa897c54f8dc8efa1ffc396703bf56befe963a4102a4ab88842ccd19b3db34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 53933
Expires: Wed, 22 Jul 2054 05:14:40 GMT

GET
H3 200 videoplayback Show response
rr2---sn-4g5edndy.googlevideo.com/ Frame C662 523 KB
523 KB 59ms
8ms XHR
video/webm 2a00:1450:4001:25::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndy.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbz7k&cms_redirect=yes&cmsv=e&mh=WX&mm=29&mn=sn-4g5edndy&ms=rdu&mt=1668333446&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYSnWhczft73-4Y8UuW6gDBUvdDTp7I3xoxHchOimksgCIQDewiaJKQH6Y2B-eVvAw4EfVvwjp1yl7BwpMSzZarXSMA%3D%3D&headm=3&rn=4&rbuf=0&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

03b45e882f5762c1f94a167f2a6d5164c6f7da70f774b09d336083158c293575

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
x-sequence-num: 3190
date: Sun, 13 Nov 2022 09:58:58 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032723
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 317078
x-walltime-ms: 1668333538677
x-head-time-millis: 15965001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535954
pragma: no-cache
x-bandwidth-est-comp: 317078
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15965
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
x-bandwidth-est3: 1922131
access-control-allow-credentials: true
x-head-seqnum: 3193
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 80DC 0
269 B 239ms
238ms Script
text/plain 54.64.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.101.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-101-191.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 13 Nov 2022 09:58:58 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 impression
r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/ Frame AABD 35 B
141 B 235ms
234ms Image
image/gif 52.78.160.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-log.dable.io/s/star.setn.com/u/00000000.0000000000000/impression?source=1181936&pick=&rm=56.1.1&cm=0.0.0&channel=idle.crossA7&reco_type=category-best&cid=00000000.0000000000000&widget_id=WXpMPyoY&request_id=79njDlkAWHzPy8w5&reco_list_lz=NobwRAlgJmBcYEYBMAGA7AgLADjAGjAFsBTAFwAsB7GeAVgDYA6BZsAXz3GjkVTQGZ6uAiQrUeDZqw5cavdEgTCiZKnMksE7TpDnJ0-WgE58KseqabtsnvrQHTotRMvSd3ePvoosj1eLpXLRldWz4kWjQ-cxcpYPc9cIQtEX8LOOtQz1R6TAR6aOdAjJCPeQEIwoCwDTcbbIVUKvSrUsSFI1pm2NaAXSA&gdpr=1&lazyload=0&pre_expose=1&uri=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.160.161 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-160-161.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx/1.20.0
content-length: 35
content-type: image/gif

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/r2Eo5MokVc3E/contents/z6ByMJj0Vtvz/ Frame AABD 35 B
109 B 243ms
242ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/r2Eo5MokVc3E/contents/z6ByMJj0Vtvz/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHCAOoAaADgLIAKAngPYCaOIATsQCOAV2IBnClXgB2AJwA7AFYARADYBrAII0AEgC92ADjwBWXgJHiKpCAFticAIwA2Z4YDMnk%2B9cITuMQ5hPjAHeEdHQ0dZH157UgALDhhw1Ed0XjAEgEN5eWJVamhVYlQwPg4xMU1pXmIADwYIARSQAGVheQACADkOADcux3cugCYEUdGuhFlYE0M55y6AcSYAFQBqLFxgiGoE0lIGMVgAelOJbL5UMTJ5Mo5bU-y8MVOIqJjnAH4AMwrbABeNgAMgAwqoIGB1ABJFiA6KGVAmWRpWTpUYAFlkvAg8n6xHkpA4fDYlFajlGckMAB96Mx2NxeMTSNlVOQGNkSE5cJzubBHAEIHowu4AqoOKQefxcuo4AhcBBSMRbOQwNkpfBANhagCArXgkeRQYh8agAMV4ACNmok2MQrtRoq5LckySV5IREnBsaMAL5AA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

GET
H2 200 request
sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/36jPMyqDXUR8/ Frame AABD 35 B
109 B 246ms
245ms Image
image/gif 43.200.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/star.setn.com/users/00000000.0000000000000/campaigns/yw6y1BR3Wu9/contents/36jPMyqDXUR8/request?q=N4IgxglgJiBcIAYnKQOhRlIA0IDu0A5gKYAuA%2BtHCAOoAaADgLIAKAngPYCaOIATsQCOAV2IBnClXgB2AJwA7AFYARADYBrAII0AEgC92ADjwBWXgJHiKpCAFticAIwA2Z4YDMnk%2B9cITuMQ5hPjAHeEdHQ0dZH157UgALDhhw1Ed0XjAEgEN5eWJVamhVYlQwPg4xMU1pXmIADwYIARSQAGVheQACADkOADcux3cugCYEUdGuhFlYE0M55y6AcSYAFQBqLFxgiGoE0lIGMVgAelOJbL5UMTJ5Mo5bU-y8MVOIqJjnAH4AMwrbABeNgAMgAwqoIGB1ABJFiA6KGVAmWRpWTpUYAFlkvAg8n6xHkpA4fDYlFajlGckMAB96Mx2NxeMTSNlVOQGNkSE5cJzubBHAEIHowu4AqoOKQ4KNcHxcuoeSAIKRiLZyGBslL4IBsLUAQFa8EjyKDEPjUABivAARs1EmxiFdqNFXFbkmSSvJCIk4NjRgBfIA&is_gif=1
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.200.153.114 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-200-153-114.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/WXpMPyoY/users/00000000.0000000000000?from=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=star.setn.com&gdpr=1&id=dablewidget_WXpMPyoY&category1=%E5%A8%9B%E6%A8%82&ad_params=%7B%7D&item_id=1181936&item_pub_date=2022-09-22T22%3A35%3A00Z&pixel_ratio=1&client_width=0&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Nov 2022 09:58:58 GMT
server: nginx

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame C4BD 0
150 B 36ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=33262200042146105671049012142021&a=9d469a1c&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=33262200042146105671049012142021&a=149f816d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=33262200042146105671049012142021&a=149f816d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=player.initVendorStart&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=4455601720595803
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pes.player-interface.3d72ced0.js Show response
static1.dmcdn.net/playerv5/ 4 KB
2 KB 106ms
18ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/pes.player-interface.3d72ced0.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 6eb6e3d4b6c172af3b588339d326eae602d109c508198e804e0645f699cf6b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 264867
server-timing: total;dur=0, dc;desc="dc3"
content-length: 1686
last-modified: Thu, 10 Nov 2022 08:19:53 GMT
server: DMS/1.0.42
etag: "636cb429-11e7"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: fdcef770914289d158ccb775ed5075d1
expires: Sat, 10 Dec 2022 08:24:31 GMT

GET
H/1.1 200
OK cookie.js Show response
geo.dailymotion.com/ 38 B
976 B 32ms
32ms Script
application/javascript 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/cookie.js

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Date: Sun, 13 Nov 2022 09:58:58 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=9, dc;desc="dc3"
Timing-Allow-Origin: *
Content-Length: 38

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?oz_pl=1&pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//star.setn.com/news/1181936&ui=d77f3a0a-0000-0000-0000-000000000000&ap=&ti=7508491101934025004&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&sr=4&de=43003&si=1239870914&dm=300x250&ac=1230238&cr=11050095&ai=215543&c1=12460949&r1=2a02:6ea0:c71b::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:58 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame C4BD 34 KB
16 KB 127ms
17ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59299047;click=https://hal900021.redintelligence.net/c/p9oq0affbwqulve?tprd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 14 Nov 2022 13:22:06 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 48ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333538739&oz_l=236&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:58 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK x9u8j.html Show response
geo.dailymotion.com/player/ Frame BBA0 45 KB
15 KB 63ms
63ms Document
text/html 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

7b6aa605cde335732104ab43de259be810a0e6ca141f0f5da2bfae03cae03ea0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 14823
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 09:58:58 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Server-Timing: total;dur=40, dc;desc="dc3"
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: X-DM-SSL,Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7C14 690 KB
221 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1000257 Show response
onead.onevision.com.tw/gos/vast/ 175 B
205 B 327ms
287ms Fetch
text/xml 107.178.241.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onead.onevision.com.tw/gos/vast/1000257?play_mode=desktop-pre-roll&web_location=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-dm.js?v=0.3.80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 176.241.178.107.bc.googleusercontent.com
Software: gws / OneAD
Resource Hash: a900f50ba729ab09efed100802ecbc571311427c9a9dd1552661614ad9ad9888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
via: 1.1 google
age: 0
x-powered-by: OneAD
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-hit-counter: 1
x-onead-backend: onead-http-query-79r5-gohttp
content-length: 175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: gws
x-onead-guid: cad1c350-6339-11ed-974d-0242ac130002
content-type: text/xml
x-varnish: 9381421
access-control-allow-origin: https://star.setn.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-onead-force-backend: true
x-onead-version: 1009c7b8
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 278ms
276ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=66932&aup=onead_news_standard&auo=2&aut=api&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=5348333220007260
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 dmp.jq_flight.3033f0d7176196134921.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 41 KB
15 KB 20ms
17ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.jq_flight.3033f0d7176196134921.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 1740020
server-timing: total;dur=1, dc;desc="dc3"
content-length: 14940
last-modified: Thu, 20 Oct 2022 14:03:57 GMT
server: DMS/1.0.42
etag: "6351554d-a5dc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 62872e986dbe3031b60a9170ca5f6d78
expires: Wed, 23 Nov 2022 06:38:38 GMT

GET
H2 200 dmp.photon_manifest.6709e046fc8ff70acf21.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 4 KB
2 KB 20ms
17ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.6709e046fc8ff70acf21.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: b99292a9cdc6f5de6f8b929630b4b771625f07dd5df7728734983765cbb0caa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 264867
server-timing: total;dur=0, dc;desc="dc3"
content-length: 2019
last-modified: Thu, 10 Nov 2022 08:19:47 GMT
server: DMS/1.0.42
etag: "636cb423-113c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 9a64961c5d58d5189bad63e9f3e24132
expires: Sat, 10 Dec 2022 08:24:31 GMT

GET
H2 200 dmp.photon_vendor.cb0d857b291806973621.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 334 KB
101 KB 71ms
68ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: f74a32e5a4f6d1cae28c38950b2295074af158c8c1d30af26cd94151cf62ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 2439218
server-timing: total;dur=0, dc;desc="dc3"
content-length: 103108
last-modified: Thu, 13 Oct 2022 14:10:46 GMT
server: DMS/1.0.42
etag: "63481c66-5371b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 719687ab1204ae46c468e29b9fbf9ed2
expires: Tue, 15 Nov 2022 04:25:20 GMT

GET
H2 200 dmp.photon_boot.3f677ca6b0f9a0cb7c3f.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 193 KB
45 KB 20ms
18ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_boot.3f677ca6b0f9a0cb7c3f.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 2da1554426327c299fc13c5dcbd205694cf50a09d990a897dd5c3bbd93d86d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 521473
server-timing: total;dur=0, dc;desc="dc3"
content-length: 45229
last-modified: Fri, 04 Nov 2022 18:39:56 GMT
server: DMS/1.0.42
etag: "63655c7c-3049c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 54502344cca636239959b028e2333131
expires: Wed, 07 Dec 2022 09:07:45 GMT

GET
H2 200 dmp.photon_app.c0c8cf46e030a5635b17.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 485 KB
135 KB 36ms
34ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.c0c8cf46e030a5635b17.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: d0054b6ec34a3672b42e9b053aa98c465e09bbbd012bb240d18d46a2107868d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 264867
server-timing: total;dur=0, dc;desc="dc3"
content-length: 137476
last-modified: Thu, 10 Nov 2022 08:19:47 GMT
server: DMS/1.0.42
etag: "636cb423-793d9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: a74e7bf9f7ffe71b86266a56bad838cb
expires: Sat, 10 Dec 2022 08:24:31 GMT

GET
H2 200 dmp.photon_player.e0a67999252abf1f29e6.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 90 KB
27 KB 38ms
36ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_player.e0a67999252abf1f29e6.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 9e49999e407e8d227c0b6e5cd23c0f0ff59c27b1f44319b28f90723fe681ff5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: gzip
age: 553262
server-timing: total;dur=1, dc;desc="dc3"
content-length: 27005
last-modified: Fri, 04 Nov 2022 18:39:56 GMT
server: DMS/1.0.42
etag: "63655c7c-1663a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: a013509e321173bb2567b9082607baec
expires: Wed, 07 Dec 2022 00:17:56 GMT

GET
H3 200 adchoice. Show response
fundingchoicesmessages.google.com/f/AGSKWxU9tOXvTRkekrxs8HSYZrUhp3yUSQMLsYa4zYUFhtOymK4rpcZybg9Blht5aY2MVocB81rvTjefoRaRe9XmXkq0f1gmnGsmB6zgH6O0oD5gHzOKjWPJ6yikZLO-nqIKGbL-jqYVuDuZBaMf_AC5vcId5Mbv8... 54 B
110 B 24ms
22ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU9tOXvTRkekrxs8HSYZrUhp3yUSQMLsYa4zYUFhtOymK4rpcZybg9Blht5aY2MVocB81rvTjefoRaRe9XmXkq0f1gmnGsmB6zgH6O0oD5gHzOKjWPJ6yikZLO-nqIKGbL-jqYVuDuZBaMf_AC5vcId5Mbv8z1087gO9iaehZesWS1Y57rZdURCI2mh/_/ads/abrad./AdNewsclip14./adpartner./adtrack./adchoice.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Xq1aCTP4mVM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzX0yK8mX64u1sofWEGuPTZhqaf0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

387b67877bd1b21e329b26463c44f99db190cb6f15a1b4b8004a6c27d999a410

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aE5PS0YnUahm40BguiYcgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aE5PS0YnUahm40BguiYcgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 50ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7017dd9b1587c1b4cd4e4d65b76f34c5831a5408e62b7171d6f8dc63237f4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55050
x-xss-protection: 0
server: cafe
etag: 7157774445905054410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 09:58:58 GMT

POST
H3 204 AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 27ms
26ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Vl_f37kXUt3k5l3J040Cew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 09:58:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Vl_f37kXUt3k5l3J040Cew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://star.setn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FE76 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:58:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

OPTIONS
H/1.1 200
OK /
pebed.dm-event.net/ Frame 0
0 94ms
20ms Preflight 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method: POST
Origin: https://geo.dailymotion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Content-Length: 0
Date: Sun, 13 Nov 2022 09:58:59 GMT
Server: edward-ed/2.2.1

GET
H2 200 dmp.locale-en-US.331ac040134065321ad6.json Show response
static1.dmcdn.net/playerv5/ Frame BBA0 3 KB
1 KB 53ms
17ms XHR
application/json 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/dmp.locale-en-US.331ac040134065321ad6.json
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: b06fc6631868407530d7e4bd9eb906da343a3e5b6e13ae77781ce78fbcc4be57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
age: 1739045
server-timing: total;dur=0, dc;desc="dc3"
content-length: 838
last-modified: Fri, 21 Oct 2022 09:37:12 GMT
server: DMS/1.0.42
etag: "63526848-b40"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 761327331432a40e1341bef6ce927aa3
expires: Wed, 23 Nov 2022 06:54:54 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame BBA0 15 B
363 B 21ms
20ms XHR
application/json 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration: 0
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Sun, 13 Nov 2022 09:58:59 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H/1.1 200
OK k68JwWItywNigGyuzgK Show response
www.dailymotion.com/player/metadata/video/ Frame BBA0 10 KB
8 KB 225ms
179ms XHR
application/json 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/player/metadata/video/k68JwWItywNigGyuzgK?embedder=https%3A%2F%2Fstar.setn.com%2F&geo=1&player-id=x9u8j&locale=en-US&dmV1st=F31F43E65557F63A1BB6BA6969BAE7D8&dmTs=763964&is_native_app=0

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

3e32977b883b9c5aa954dbdd52b9d7876885b58fb68f427ea57235e413db796b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:59 GMT
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing: total;dur=158, dc;desc="dc3"
Content-Length: 6918
Referrer-Policy: strict-origin-when-cross-origin
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://geo.dailymotion.com
Cache-Control: no-cache
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Authorization

GET
H2 200 dmp.vendors~photon_app.be3e4bb5739df6aedd03.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 60 KB
16 KB 19ms
18ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: d02f0eac80179ced49946852170823b5bbdf962effc707f12b1a42ef10618c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
age: 2029249
server-timing: total;dur=0, dc;desc="dc3"
content-length: 16257
last-modified: Thu, 20 Oct 2022 14:03:48 GMT
server: DMS/1.0.42
etag: "63515544-f061"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 112349a9ec2e2d93a6cf7e57f47c0610
expires: Sat, 19 Nov 2022 22:18:10 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BBA0 370 KB
123 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c52d065f54f30b3944ed6d83d97e3eec06f305c9ecaab134ff7ee6170077c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126378
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:59 GMT

GET
BLOB 200
OK 5934e85f-837d-481e-865e-cd2595b9becd
https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/ Frame A593 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/5934e85f-837d-481e-865e-cd2595b9becd
Requested by: Host: 3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H3 200 videoplayback Show response
rr2---sn-4g5edndy.googlevideo.com/ Frame C662 494 KB
494 KB 9ms
7ms Fetch
video/webm 2a00:1450:4001:25::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndy.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbz7k&cms_redirect=yes&cmsv=e&mh=WX&mm=29&mn=sn-4g5edndy&ms=rdu&mt=1668333446&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYSnWhczft73-4Y8UuW6gDBUvdDTp7I3xoxHchOimksgCIQDewiaJKQH6Y2B-eVvAw4EfVvwjp1yl7BwpMSzZarXSMA%3D%3D&sq=3191&rn=5&rbuf=4902&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

258b953335bbbe69b9cae78300ce2221496cd98fb6ecb624752557a3704bd406

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
x-sequence-num: 3191
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032743
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 3007334
x-walltime-ms: 1668333539016
x-head-time-millis: 15965001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505377
x-bandwidth-est-comp: 3007334
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15965
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
x-bandwidth-est3: 2468337
access-control-allow-credentials: true
x-head-seqnum: 3193
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
expires: Sun, 13 Nov 2022 09:58:59 GMT

GET
H3 200 videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 80 KB
80 KB 308ms
307ms Fetch
audio/mp4 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbrMuplEXZljDkKKuN4VWOPg8OsedV3M1E3AJV7TM6U8CIGO3c6AeOwP2GFszb8-B9EKmYstd3Lz_Nqv-9jwasGCL&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&sq=3191&rn=6&rbuf=4892&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

68ecd348cff7fa1c9525c8a3e6b2d288061ad0ba4f48be3fe7357b1712753dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sun, 13 Nov 2022 09:58:59 GMT
x-sequence-num: 3191
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032738
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 397383
x-walltime-ms: 1668333539312
x-head-time-millis: 15965001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 397383
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15965
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
x-bandwidth-est3: 985189
access-control-allow-credentials: true
x-head-seqnum: 3193
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame C4BD 4 KB
2 KB 22ms
22ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59299047;click=https://hal900021.redintelligence.net/c/p9oq0affbwqulve?tprd=;js=1;adfxid=1x;6038;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fstar.setn.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7b31098d427d2cbbc2ba39d526c6566a3bb0a0c88820b787787d6c419b9f8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2014
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B1C 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7dH-SdZ9NwLo-Y8iicXvAvvboQyS9ag6k47HbvVF3KCSbJFE1lkhTAqM1YQ1YTk0YP_cs54CcM4nsFsR1TFjcM-1_xwb_waBJlo650-n_DwTpv5pdo4RQ5EFLbQB_VHEMQ9DzQhqkYcwJM6Gbip-c-QE7W6ifhlT5dY3E0kG1U3WJRw_3p_XB2d8SCYr7I1qtx2p5Jy8PImBPTkhmOvDN2XNeq006sW1PbuojLKEZz_9XhSSVzsrMZ9pJU87OQbLDnc-DlvrI14TWRFHW3KhAiI2fJX3ujNV899PhCXywwlBwstd2IYwRO31ritxg33C6TAFiGG1PkqhPSuxKjYOognQKTSnpF1Q&sai=AMfl-YTiXcMQ9b25tg2NlWYWiQIw4wc3CRTNODqonMRSGdGe-OhfQSOB9EV2ryWNTcGZdmIVagEXaebMNnILi85jH3pkUnT_ewLDsG16iZAztKG3UT-JyieowwD7MZlZK6gHBbjK&sig=Cg0ArKJSzOlpwiNJmzWpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:59 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 34ms
33ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333539017&oz_l=4558&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:58 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 204 AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 23ms
23ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o39KVAF0pk3nUSoBr2gTvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o39KVAF0pk3nUSoBr2gTvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://star.setn.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F496 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoPj3JaeoiQ7DGP1A1L4GycHBnLfrdnHSV8e_RyQB82dKbpAKPUTvccU1H2wVmKR_z1wzsMAdEefyE2J9kY0LpWic&sig=Cg0ArKJSzORvODeqWTslEAE&id=lidar2&mcvt=1032&p=913,1100,1163,1400&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3938882674&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668333536815&rpt=1159&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 4A86 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 15:44:55 GMT
etag: 10353107486223812946
expires: Sat, 26 Nov 2022 15:44:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 23ms
22ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mxyOTaXr8irIFQOE0QJLvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mxyOTaXr8irIFQOE0QJLvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://star.setn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
57ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU3gopATMmgxZsuK_ecQGmAIIyNz_CXXKJeoom_X8d6NMMZYtdVL02Oe6t3JqSv7e5MJ4Kui64CIyxwD2EOVt8y6iLNaxQaPEiE_-xFGCKmFUMcKUN0RZwwPWrAoXWsvI_BBfong==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dFj3Gg436ER-iARr-jj3iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-dFj3Gg436ER-iARr-jj3iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://star.setn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUIHuLlhMtshhq8ZffdMa94eZuPIYzio_BEvlx4hdS69IXHW-35FE6FEcSVNk3SgTjlQh-MaUP6wZ-NN9WROprgNBakrpkculzJdaWZxZSEeAqIc0_EIjg6fvl3QP1qPapRSV7ENg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIHuLlhMtshhq8ZffdMa94eZuPIYzio_BEvlx4hdS69IXHW-35FE6FEcSVNk3SgTjlQh-MaUP6wZ-NN9WROprgNBakrpkculzJdaWZxZSEeAqIc0_EIjg6fvl3QP1qPapRSV7ENg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4MzMzNTM5LDE3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vc3Rhci5zZXRuLmNvbS9uZXdzLzExODE5MzYiLG51bGwsW1s4LCJYcTFhQ1RQNG1WTSJdLFs5LCJkZSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a53dce780d977edd817fc96e34c6013295f312fadff0bb328e3ebf68e1189ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IVqOLKXEeRmLeO_3Waq0TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-IVqOLKXEeRmLeO_3Waq0TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C4BD 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame C4BD 90 KB
39 KB 26ms
26ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 532a8e65348794f09d3decd5b7aae67a0acdea25b0ad787c604edc4d02f29709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 14 Nov 2022 13:22:19 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame C662 0
20 B 16ms
15ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=GtbrCDB2vZGbVKBV&ver=2&cmt=15950.119&fmt=244&fs=0&rt=2.461&euri=https%3A%2F%2Fstar.setn.com%2F&lact=2938&live=dvr&cl=486528943&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&delay=5&hl=de_DE&cr=DE&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24230619%2C24255165%2C24288488%2C24292955%2C24293803%2C24406605%2C24407199%2C24408610%2C24413559%2C24416290&rtn=4&afmt=140&lio=1668317565.788&size=888%3A500&inview=0&muted=1&docid=NA9Jlcekyik&ei=4L9wY86DLv63x_APgdeRkAc&plid=AAXtVyvT8G98Dour&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNA9Jlcekyik%3Fwidget_referrer%3Dhttps%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fstar.setn.com%26widgetid%3D1&of=Q-x-uO9svJJGJhdOazSARw&vm=CAEQARgEOjJBUEV3RWxRMVhwUHBKUzNXcUZNa1o5d29Wby1ldmlXc0V2UFpFd1d5WUpUWFZ2bGxVd2JUQVBta0tES1g3eDhCZFA4YzlOYmxwanVaYy1XUjR3bVN3WjhpVjd1VVotUUlXOWlnSVIzQjVyVjFoXzdJOWJQNkdUTkJHNGZRZnZ1YUJJLWtkWUhoaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame C662 0
20 B 16ms
15ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=NA9Jlcekyik&cpn=GtbrCDB2vZGbVKBV&ei=4L9wY86DLv63x_APgdeRkAc&ptk=youtube_single&oid=OTJGzKV-ENGQs26uPEekAw&ptchn=IU8ha-NHmLjtUwU7dFiXUA&pltype=contentlive

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C662 348 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71372e3deea1a02abbfea90837ba538bccef8be7f70de68d06ab238ee9223b57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 vendor-list.json Show response
vendorlist.dmcdn.net/v2/ Frame BBA0 395 KB
53 KB 58ms
33ms XHR
application/json 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 17c9d5ca43ed7fc8999db7dbc5ed6ff3f8169a9e98ede0f1d3bd3024273a4c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: KvGR_19VuNz_3zoDXYb8Wx0neg5l0Up9
content-encoding: gzip
via: 1.1 61f7d27ce8f4df7e325eea9eb0ff9a12.cloudfront.net (CloudFront)
date: Sun, 13 Nov 2022 09:58:59 GMT
x-amz-cf-pop: CDG3-C2
age: 236932
content-length: 53263
last-modified: Thu, 10 Nov 2022 16:05:26 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-ip-address: 178.79.246.104
x-amz-cf-id: TrgzwDGNXodlfrrz8FlUuH1WHw_g4beGv8yUzJC6lLgFW0w1t36a9g==
x-llid: 2eddba3eeb93ba3e1897768b2004e147
expires: Thu, 17 Nov 2022 16:10:07 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BBA0 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.c0c8cf46e030a5635b17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 09:58:59 GMT

GET
H/1.1 200
OK latencies.js Show response
speedtest.dailymotion.com/ Frame BBA0 7 KB
2 KB 73ms
21ms Script
application/javascript 188.65.124.91
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://speedtest.dailymotion.com/latencies.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.c0c8cf46e030a5635b17.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: st.dc3.dailymotion.com
Software: /
Resource Hash: 72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:58:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 07:44:45 GMT
Content-Type: application/javascript
Cache-Control: max-age=21600, public
Accept-Ranges: bytes
Content-Length: 2041
Expires: Sun, 13 Nov 2022 15:58:59 GMT

GET
H2 200 Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/photon/fonts/ Frame BBA0 36 KB
37 KB 18ms
17ms Font
application/octet-stream 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
last-modified: Thu, 20 Oct 2022 14:03:48 GMT
server: DMS/1.0.42
age: 1843388
etag: "63515544-9118"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=0, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 37144
x-llid: 553b8d145585f40691d83f0e198ae3b9
expires: Tue, 22 Nov 2022 01:55:51 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6F24 370 KB
123 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.c0c8cf46e030a5635b17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c52d065f54f30b3944ed6d83d97e3eec06f305c9ecaab134ff7ee6170077c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126378
x-xss-protection: 0
expires: Sun, 13 Nov 2022 09:58:59 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame BBA0 15 B
363 B 21ms
21ms XHR
application/json 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration: 0
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Sun, 13 Nov 2022 09:58:59 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

OPTIONS
H/1.1 200
OK /
pebed.dm-event.net/ Frame 0
0 22ms
21ms Preflight 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method: POST
Origin: https://geo.dailymotion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Content-Length: 0
Date: Sun, 13 Nov 2022 09:58:59 GMT
Server: edward-ed/2.2.1

POST
H2 200 /
track.adform.net/csimpr/ Frame C4BD 35 B
479 B 20ms
20ms Ping
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59299047&csi=tPi0bGAboYkrbAp8fxebBhKjBfFKlMI5at986mOONTPrygPkIxxfk82aRkcbYc0mOmG5qM6-Lqj13CY3YiEnvt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900021.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CF6E 690 KB
221 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 278ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=22016&aup=glia_adx_5&auo=3&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=1707958140461507.5
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H3 204 AGSKWxWEuPyPIJ8XGJSqqagOza2PBPj8OMTZ4JI-46DZrQ3jH9lE8HldLTmAMKDL6A55FrW05HS2O5_LWF16kNco82KSERqgiQXtugcM1-O3rp_KKhW4-oC0o6yn6mRHTuI1T0lQ7gPWyg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 21ms
20ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWEuPyPIJ8XGJSqqagOza2PBPj8OMTZ4JI-46DZrQ3jH9lE8HldLTmAMKDL6A55FrW05HS2O5_LWF16kNco82KSERqgiQXtugcM1-O3rp_KKhW4-oC0o6yn6mRHTuI1T0lQ7gPWyg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lsk_jvcjzR7QuMuO1w9wHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-lsk_jvcjzR7QuMuO1w9wHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://star.setn.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 80 KB
80 KB 301ms
301ms Fetch
audio/mp4 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbrMuplEXZljDkKKuN4VWOPg8OsedV3M1E3AJV7TM6U8CIGO3c6AeOwP2GFszb8-B9EKmYstd3Lz_Nqv-9jwasGCL&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&sq=3192&rn=7&rbuf=9908&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

abb9f0bdb272c37a41208df76c446a35ba557f867c21b8cee269bc998f40c9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sun, 13 Nov 2022 09:58:59 GMT
x-sequence-num: 3192
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032758
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2647601
x-walltime-ms: 1668333539751
x-head-time-millis: 15965001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 2647601
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15965
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
x-bandwidth-est3: 985189
access-control-allow-credentials: true
x-head-seqnum: 3193
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H2 200 11970852.js Show response
s1.adform.net/Banners/Elements/Files/160090/11970852/ Frame 321A 118 KB
28 KB 22ms
21ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/11970852.js?ADFassetID=11970852&bv=258
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 400e543fbdc7c7db272817488c9f25c4252835f6f95b84c68f9f7fbd76eaa619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx000007a44a3b4779e7555-0063705c0f-32941e2b-default
etag: W/"aa439beaa1e6a1c8c76b9b4a10a892f2"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 videoplayback Show response
rr2---sn-4g5edndy.googlevideo.com/ Frame C662 503 KB
503 KB 8ms
8ms Fetch
video/webm 2a00:1450:4001:25::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndy.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbz7k&cms_redirect=yes&cmsv=e&mh=WX&mm=29&mn=sn-4g5edndy&ms=rdu&mt=1668333446&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYSnWhczft73-4Y8UuW6gDBUvdDTp7I3xoxHchOimksgCIQDewiaJKQH6Y2B-eVvAw4EfVvwjp1yl7BwpMSzZarXSMA%3D%3D&sq=3192&rn=8&rbuf=9527&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d934757fdc209e95c6535c475c6c74c89c105e7187d093bb436e2d919119734e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
x-sequence-num: 3192
date: Sun, 13 Nov 2022 09:58:59 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032763
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2886307
x-walltime-ms: 1668333539535
x-head-time-millis: 15965001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 515052
x-bandwidth-est-comp: 2886307
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15965
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
x-bandwidth-est3: 2468337
access-control-allow-credentials: true
x-head-seqnum: 3193
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
expires: Sun, 13 Nov 2022 09:58:59 GMT

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7CBB 690 KB
221 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geo.dailymotion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6F24 44 KB
16 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 09:58:59 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333539519&oz_l=271&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame BBA0 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 13 Nov 2022 14:53:08 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 279ms
279ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=player.vendorCreated&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=749313500709514.2
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 dmp.dynamic_quality_switcher.0a12c2909359ea7f8b11.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 22 KB
7 KB 19ms
18ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.dynamic_quality_switcher.0a12c2909359ea7f8b11.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.6709e046fc8ff70acf21.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 3ef22eac12cbbff104e247617db0aea70ec73b94bad362f55b838c07cd5d1dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
age: 519975
server-timing: total;dur=0, dc;desc="dc3"
content-length: 7230
last-modified: Mon, 07 Nov 2022 09:28:37 GMT
server: DMS/1.0.42
etag: "6368cfc5-580a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: 377cd69e0bf77e1cac3a6892070f48a5
expires: Wed, 07 Dec 2022 09:32:44 GMT

GET
H2 200 dmp.vendors~hlsjs_stable.607603975ee410c63a10.js Show response
static1.dmcdn.net/playerv5/photon/ Frame BBA0 189 KB
54 KB 19ms
19ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.6709e046fc8ff70acf21.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
age: 1403470
server-timing: total;dur=0, dc;desc="dc3"
content-length: 54717
last-modified: Thu, 27 Oct 2022 14:30:19 GMT
server: DMS/1.0.42
etag: "635a95fb-2f204"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-llid: e287b3e1d9a55c8bbc2a117fb30e39ff
expires: Sun, 27 Nov 2022 04:07:49 GMT

GET
H2 204 x8fg896.m3u8 Show response
dmxleo.dailymotion.com/cdn/manifest/video/ Frame BBA0 0
277 B 88ms
21ms Script
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://dmxleo.dailymotion.com/cdn/manifest/video/x8fg896.m3u8?auth=1668506339-2562-5yxrv3h6-d8d20a15d4fe5528bd8757e59b92b2b3lqlaBugeshvokh8nNxQeU0GsB6eZmRGKOTyuyXkojn6_l0V8ECxAZZMBNgvNQbP5zydKdLIYXgOFVIR8lBniPtac6qwFyFGnoMqfCEqt-s93P0lcl94aP02KDM_0FWgBlQkeGRSkN6Y55GZaAmesdOOpPHhDfuSp2QCjjPDl6LEH3yqYEL6l9-I5xMdwgler3fA_os4DsCw9tf4HQ9elltfmiR6hZl5_VPifm-LibeoGDjDp4J1f-uCs0yWrzzysp_ICkKcdfy1t3s8C8BrAi5M3cdtjq_668w1KGV5tQ5TI1dev5xPB5hNoMYpJyKKc3qSlFTUiBPJGKN6qvjGlcZVCdR4xzvUU8Mt7pJrJyMFbzRkvQL_qtb1dVMBHPbWwSxLU9Fy1OcvszQdUlSs_t5gx1wg40Sp8pfPmjAHCq43Pc6lY5V1LEbxPWk2Ozq-h-3MECOQ8DCuEkuaB_BONNyymNvaG9g1A7tF11Bgqe22GmY6p9UpFJNb1xVJjSVNl6wWAlqRYAg2E_5PqByt1zAMTFF_Cn79S_vcH8VQlw7dFNOBYJWic7HpNPf1rdwMP5shRiLcL7ByHa3vYPDmN0pQ9obebfF-IAJEpzpsVJgP-IfdSUUUr2clwXYCmVP9Goa6N7iIrOpCbkE17I9RWZNXHGZt0CpMUDgmHl7-VCizgh8xbcm7tzA6mR0G5zN4CeoPQIg8Z3JIH6yraVqY7vVUpgaCxyWJTZw4--KupPklEkxNGthBlZM45WlHCCr5QR65lWLKGoNnEPbXeOgsSXCmQqOias1Q835ss7sPJZ3NM4iOthjuFifH5kRMJD_f7VOKJfgZcy4pw3eJ8Dhc14t1qORSnMBt7oz8uA0HcrkO9d8XbLFOk6HE8PJy9E34tjliLiKE3-JDG0zKtLAYCLcqOuSi90noLdAXXw495IatIuh45uXOgdh0oAY3JHyg9Pzc5HbJdAkf1f_RSwi1-6VOjNseXzuick2-apg-6IdLm9NhyspBGIALZG_gq4TRHjH8bG6y1S7vMGqR1K951RvmL2b00FTal_TZMEO-FEtLJaqtknW4FH5OqWKxt_EvVXWnPQJ8r6flhAj_xO3sZKX3_DXfV9tcLT7cRNhPOs6r7tdulJJRrhAfvVB5ZStfbgb_l1O6xnsgeUH5cOoBraf6SJFrkDgyouw_wp5NUv6fjaJHmaQ_aqmHd2aL96wxGAx1tb_s_QIgaxdXLEwzDs0m6ANddPPCyFPLNXX80a1jzEzxys7IcPyCrXJkmfSuC7FUAKDHsPiDHOslK7K3QitA3sUxeBaSiNERbRyeLWf09VPOBTKxqw7jruhs4aE5HeylhuRpMPKmMteLwSb5Lgx-GkdQ5_Gec-b8w94fCvMLe_bMvZb3sCwI7yA8jFD79UDF1VUTinjxOe8H43mWl-5VQdM9uuJakW3YGChLu5J9PRZNLyJUuYvSorgM0ks3JBe-Tf3kzEdkGBTtSLyL971DUSplJ6oeLay0FzcMCGxieybnSIoS9RDm1PqQhcNSHTNyTIzjDqsJQCyxfVTnDfJP0uz7VlXYVYs5gTm4Vq-vNAdeWsIWKpYxytP_4YtAKFjUh9UB2SEWE8opauQHIYp115bOZb_5w7SO11BTBVQ8ZSD6hiZ0FUp_jEu8M_VXXBldL0e3SyrT9djHleXY9wBMxv3VEqlvVTuKubZhcdkmZWr5BRjg8Muj7e8Ku5Ej7KgZWqGOKpWl1dblM4vpvHG1r0FbIvFZwtyzpfRf31yUWPHaoKJu8D5u1BRpZOhS62mI2wYZMKOZyi396qwI_GCFccnVw_CwTHZulQPb9Z5Ub1urXXUy8CJoLsogV2_2k5IAdx6vlpUnUTvDEmLwSwVTUHRgw894Sg3EQczGZiekqaAkoay7K6IXZxUkCzgErr_6Vw8bKGAcB0GqLcG9NgKj4Vp6VTmn64G7IEeK6T9Po84yNRGYUgXsKYQ0jxm6sjPt7nuLQSkfNucFGdPjtGKBJbMhlUb9ITpO8v93Dbl-oSWuomPeyi_cQOE3xgsXO4PcorPIB1nNygR0qmY3cDUA5blXF4zrNJzqnaYCrlt0LYEUiRHRRpPs4NdFf5m0EsH3E2_-q6XkDtqxNu4zNWM4FRTO0GVy389nmbb-09RexCfDjPOiBsDO6UFhB_KfS7tp28nQuqZhhfe4vmnuGGnHfXOuhOsPcAkCqbNVTyRYI&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.c0c8cf46e030a5635b17.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-z5xcx
date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: https://geo.dailymotion.com/
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 321A 136 KB
46 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 10:07:11 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 273ms
272ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=player.initVendorEnd&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=2887972924174531
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 278ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=player.inited&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=9940257865737064
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CF6E 156 B
748 B 725ms
678ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_5_tw_starsetn_desktop_1650969630.899529&description_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=494989135958094&vpa=auto&sdkv=h.3.544.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3697049710&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.544.0&sid=690B0469-2576-45E0-B6BC-6C54D6F4E056&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=1668333539839&cookie=ID%3D64f264759eb0c061-228fdbe07ace00b8%3AT%3D1668333535%3AS%3DALNI_Mbd21j9x1kEz9nWw0DWMhNgblfPSQ&gpic=UID%3D00000b809f7813dd%3AT%3D1668333535%3ART%3D1668333535%3AS%3DALNI_MZvLirpOwQgiP_r1k-Ghx6Ca1gp1g&scor=3159684156888339&ged=ve4_td6_tt1_pd6_la6000_er991.0.1145.300_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 321A 30 KB
14 KB 19ms
19ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx0000003d67c0cdd7a86b2-00635ba0df-3293aae9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 AItopic_2_140x270.jpg
attach.setn.com/images/ 56 KB
57 KB 37ms
36ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/images/AItopic_2_140x270.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf7c9e77da4ab1b55289de5b7aa63ef93965861db10c57bbe366162fe1ff77ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 05:42:21 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 43
etag: "c2957026996b13250234cfc038e12f47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 57591
x-amz-cf-id: 2-QZiZq3KvrKpuawgCznW9D8vSWbXDk8erxI3MFxcm7xAsG_DfT4-w==

GET
H2 200 RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/photon/fonts/ Frame BBA0 36 KB
36 KB 18ms
17ms Font
application/octet-stream 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.dmcdn.net/playerv5/photon/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer: https://geo.dailymotion.com/
Origin: https://geo.dailymotion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:59 GMT
last-modified: Thu, 20 Oct 2022 14:03:48 GMT
server: DMS/1.0.42
age: 1843580
etag: "63515544-8fcc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
server-timing: total;dur=0, dc;desc="dc3"
accept-ranges: bytes
timing-allow-origin: *
content-length: 36812
x-llid: bc23b89381cdc5b56cd52f3781762790
expires: Tue, 22 Nov 2022 01:52:39 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 35ms
34ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333539871&oz_l=5742&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK x8fg896.m3u8 Show response
www.dailymotion.com/cdn/manifest/video/ Frame BBA0 6 KB
3 KB 55ms
55ms XHR
application/vnd.apple.mpegurl 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/cdn/manifest/video/x8fg896.m3u8?sec=uadAY2YFErj0pcqRP3zz4ohXc8yE7gI2JHKG0RlvUxCohPBMkwXDa0rh-nuhv-VAH8jCmzUsEGE_mPAp8MTuJg&dmTs=763964&dmV1st=F31F43E65557F63A1BB6BA6969BAE7D8

Requested by

Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

76964aba4a6d7298bf312002ceca2e7a6cdaeed9371263d4260bf0390ebca800

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Date: Sun, 13 Nov 2022 09:58:59 GMT
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing: total;dur=32, dc;desc="dc3"
Content-Length: 1632
Referrer-Policy: no-referrer-when-downgrade
Server: DMS/1.0.42
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary: X-DM-SSL,Accept-Encoding
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=600
Timing-Allow-Origin: *
Expires: Sun, 13 Nov 2022 10:08:59 +0000

GET
H/1.1 200
OK 509680842_mp4_h264_aac_l2.m3u8 Show response
proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkD-Tgw2X0I7AH3g4ExEJiX1nA1WoVjiojoHndn0j0ECgIstSEb_5uBnmZMz7yCtlIo)/video/248/086/ Frame BBA0 2 KB
683 B 90ms
21ms XHR
application/vnd.apple.mpegurl 188.65.126.245
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkD-Tgw2X0I7AH3g4ExEJiX1nA1WoVjiojoHndn0j0ECgIstSEb_5uBnmZMz7yCtlIo)/video/248/086/509680842_mp4_h264_aac_l2.m3u8
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.245 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-010.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 84fa0b2209fb34cf5b399e83a2aad222aca5706c6f02cfd88ca6e79e5e487f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:59:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Nov 2022 01:19:38 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 304
Expires: Mon, 14 Nov 2022 09:59:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 33ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333540044&oz_l=202&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK 509680842_mp4_h264_aac_l2.ts Show response
proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkD-Tgw2X0I7AH3g4ExEJiX1nA1WoVjiojoHndn0j0ECgIstSEb_5uBnmZMz7yCtlIo)/frag(1)/video/248/086/ Frame BBA0 32 KB
32 KB 21ms
21ms XHR
video/mp2t 188.65.126.245
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkD-Tgw2X0I7AH3g4ExEJiX1nA1WoVjiojoHndn0j0ECgIstSEb_5uBnmZMz7yCtlIo)/frag(1)/video/248/086/509680842_mp4_h264_aac_l2.ts
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.245 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-010.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: 1f3010b710717b7871653cbf6fff75da672e93c3a108db0726c25f66557e18f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:59:00 GMT
Last-Modified: Sun, 13 Nov 2022 01:19:38 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 32524
Expires: Mon, 14 Nov 2022 09:59:00 GMT

GET
BLOB 200
OK 15c91a0a-43cb-4a6f-a9d9-1e738b50fa81
https://geo.dailymotion.com/ Frame BBA0 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geo.dailymotion.com/15c91a0a-43cb-4a6f-a9d9-1e738b50fa81
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b17de2bb097917f12756ebb689a9cdcdf47a46ca5df26ea2b27b6620452ea6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 66540
Content-Type: text/javascript

GET
H/1.1 200
OK 509680842_mp4_h264_aac_ld.m3u8 Show response
proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkAGzU0w56GRv0XhlMvXcL0uTnfou97_bFj28fciq-cLy-y2U_S1cVUWFFTP88zwEWo)/video/248/086/ Frame BBA0 2 KB
683 B 42ms
42ms XHR
application/vnd.apple.mpegurl 188.65.126.245
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkAGzU0w56GRv0XhlMvXcL0uTnfou97_bFj28fciq-cLy-y2U_S1cVUWFFTP88zwEWo)/video/248/086/509680842_mp4_h264_aac_ld.m3u8
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.245 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-010.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: e0d777eb199b730bb5d49e86661a3fac4c56e3f69cde1231b2cd1d8ea3b03de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:59:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Nov 2022 01:19:31 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 304
Expires: Mon, 14 Nov 2022 09:59:00 GMT

GET
H/1.1 200
OK 509680842_mp4_h264_aac_ld.ts Show response
proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkAGzU0w56GRv0XhlMvXcL0uTnfou97_bFj28fciq-cLy-y2U_S1cVUWFFTP88zwEWo)/frag(1)/video/248/086/ Frame BBA0 92 KB
92 KB 22ms
22ms XHR
video/mp2t 188.65.126.245
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-010.dc3.dailymotion.com/sec(Bf4sEhVqYgA_fMJKdNdkP9YNHDnHiHOt1DgXBxIdnkAGzU0w56GRv0XhlMvXcL0uTnfou97_bFj28fciq-cLy-y2U_S1cVUWFFTP88zwEWo)/frag(1)/video/248/086/509680842_mp4_h264_aac_ld.ts
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.126.245 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: proxy-010.dc3.dailymotion.com
Software: lumberjack/2.5.2 /
Resource Hash: fd74c05c0fcc29f728908b6c030cfc56d27dd67a1dec464e45da276ab6b58f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.dailymotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 09:59:00 GMT
Last-Modified: Sun, 13 Nov 2022 01:19:31 GMT
Server: lumberjack/2.5.2
Access-Control-Max-Age: 600
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Length: 94000
Expires: Mon, 14 Nov 2022 09:59:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333540202&oz_l=154&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:58:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 7beb2873-0ddd-427e-8432-80489284c7fb
https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/ Frame 7984 787 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/7beb2873-0ddd-427e-8432-80489284c7fb
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5684419a67d14ab2c790827fc3d6a761f430585597f31bd3bbcb4b5d34130dab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 787

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333540391&oz_l=814&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:59:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A556 690 KB
221 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=43299&aup=glia_adx_5-2&auo=4&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=2940349225614849
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:00 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333540561&oz_l=3977&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:59:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A556 156 B
142 B 427ms
410ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_5-2_tw_starsetn_desktop_1655120906.671352&description_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1031949025540032&vpa=auto&sdkv=h.3.544.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3697049710&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.544.0&sid=690B0469-2576-45E0-B6BC-6C54D6F4E056&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=1668333540726&cookie=ID%3D64f264759eb0c061-228fdbe07ace00b8%3AT%3D1668333535%3AS%3DALNI_Mbd21j9x1kEz9nWw0DWMhNgblfPSQ&gpic=UID%3D00000b809f7813dd%3AT%3D1668333535%3ART%3D1668333535%3AS%3DALNI_MZvLirpOwQgiP_r1k-Ghx6Ca1gp1g&scor=2394841998934675&ged=ve4_td7_tt2_pd7_la7000_er991.0.1145.300_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame C662 0
20 B 15ms
15ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=GtbrCDB2vZGbVKBV&ver=2&cmt=15951.703&fmt=244&fs=0&rt=4.001&euri=https%3A%2F%2Fstar.setn.com%2F&lact=4478&live=dvr&cl=486528943&state=playing&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&delay=5&hl=de_DE&cr=DE&rtn=14&afmt=140&lio=1668317565.788&idpj=-9&ldpj=-6&rti=4&size=888%3A500&inview=0&st=15950.352&et=15951.703&muted=1&docid=NA9Jlcekyik&ei=4L9wY86DLv63x_APgdeRkAc&plid=AAXtVyvT8G98Dour&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNA9Jlcekyik%3Fwidget_referrer%3Dhttps%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fstar.setn.com%26widgetid%3D1&of=Q-x-uO9svJJGJhdOazSARw&vm=CAEQARgEOjJBUEV3RWxRMVhwUHBKUzNXcUZNa1o5d29Wby1ldmlXc0V2UFpFd1d5WUpUWFZ2bGxVd2JUQVBta0tES1g3eDhCZFA4YzlOYmxwanVaYy1XUjR3bVN3WjhpVjd1VVotUUlXOWlnSVIzQjVyVjFoXzdJOWJQNkdUTkJHNGZRZnZ1YUJJLWtkWUhoaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:00 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333540794&oz_l=101&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:59:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 204 collect
region1.google-analytics.com/g/ Frame 7BCE 0
17 B 54ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8NJ3QZRCY6&gtm=2oeb90&_p=1328619493&cid=1838979132.1668333535&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1668333535&sct=1&seg=0&dl=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&dr=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NJ3QZRCY6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://star.setn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2371 690 KB
221 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 273ms
272ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=22022&aup=glia_adx_4.5&auo=5&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=7424204649638750
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C662 28 B
52 B 21ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668333541257
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536034&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2371 156 B
142 B 259ms
258ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_4.5_tw_starsetn_desktop_1650972837.765382&description_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=331872756249185&vpa=auto&sdkv=h.3.544.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3697049710&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.544.0&sid=690B0469-2576-45E0-B6BC-6C54D6F4E056&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=1668333541304&cookie=ID%3D64f264759eb0c061-228fdbe07ace00b8%3AT%3D1668333535%3AS%3DALNI_Mbd21j9x1kEz9nWw0DWMhNgblfPSQ&gpic=UID%3D00000b809f7813dd%3AT%3D1668333535%3ART%3D1668333535%3AS%3DALNI_MZvLirpOwQgiP_r1k-Ghx6Ca1gp1g&scor=2072720300991251&ged=ve4_td7_tt2_pd7_la7000_er991.0.1145.300_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 054E 690 KB
221 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 280ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=43304&aup=glia_adx_4.5-2&auo=6&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=8642399696874716
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 20ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 054E 156 B
142 B 174ms
173ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_4.5-2_tw_starsetn_desktop_1655120919.233128&description_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2636924887881799&vpa=auto&sdkv=h.3.544.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3697049710&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.544.0&sid=690B0469-2576-45E0-B6BC-6C54D6F4E056&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=1668333541718&cookie=ID%3D64f264759eb0c061-228fdbe07ace00b8%3AT%3D1668333535%3AS%3DALNI_Mbd21j9x1kEz9nWw0DWMhNgblfPSQ&gpic=UID%3D00000b809f7813dd%3AT%3D1668333535%3ART%3D1668333535%3AS%3DALNI_MZvLirpOwQgiP_r1k-Ghx6Ca1gp1g&scor=1635704658667438&ged=ve4_td8_tt3_pd8_la8000_er991.0.1145.300_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 202211130200 Show response
ad.setn.com/api/Tracker/Get/1/22078/ Frame 7BCE 17 B
346 B 16ms
16ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/api/Tracker/Get/1/22078/202211130200
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: ca33434aee7a3d5d2e4a269eb32ab6e1b5ce8fd727a20be25f725ea9afc1e0b6

Request headers

Accept: */*
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:58:53 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: TXL50-P4
age: 7
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 17
x-amz-cf-id: 3C8_JJoVpX_660GCt09H8CUDEaLLXJgHQBZEk-oY5-wfZDcFZHOMfw==
expires: -1

GET
H3 200 bridge3.544.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3BC9 690 KB
221 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://star.setn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226556
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 09:44:42 GMT
expires: Sat, 11 Nov 2023 09:44:42 GMT
last-modified: Thu, 10 Nov 2022 19:42:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 278ms
278ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.request&aui=22967&aup=breaktime_adx_5&auo=7&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=1178888747729316.5
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=star.setn.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3BC9 85 KB
17 KB 691ms
691ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fbreaktime_adx_5_tw_starsetn_desktop_1651116764.221921&description_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364356631851059&vpa=auto&sdkv=h.3.544.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3697049710&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.544.0&sid=690B0469-2576-45E0-B6BC-6C54D6F4E056&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&dt=1668333542068&cookie=ID%3D64f264759eb0c061-228fdbe07ace00b8%3AT%3D1668333535%3AS%3DALNI_Mbd21j9x1kEz9nWw0DWMhNgblfPSQ&gpic=UID%3D00000b809f7813dd%3AT%3D1668333535%3ART%3D1668333535%3AS%3DALNI_MZvLirpOwQgiP_r1k-Ghx6Ca1gp1g&scor=1771874327447901&ged=ve4_td8_tt3_pd8_la8000_er991.0.1145.300_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4efcc41937759c5509e7e055b4fda820932b4ca0ba09586d0532dc71dc33e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17721
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/star.setn.com/id/1181936/ 102 B
414 B 229ms
228ms Script
text/javascript 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/star.setn.com/id/1181936/checksum?callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

d83c17e3f17c3320040e26b41d0f8217afda08f957d4a54d63dd7563f4e33e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
etag: W/"66-Kq6YTTCu7A96DFbIOUUhLLH3Uq0"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 3
Connection: keep-alive
Content-Length: 113

GET
H/1.1 200
OK update Show response
api.dable.io/items/services/star.setn.com/id/1181936/ 65 B
336 B 232ms
230ms Script
text/javascript 3.34.29.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/star.setn.com/id/1181936/update?title=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&image_url=https%3A%2F%2Fattach.setn.com%2Fnewsimages%2F2022%2F09%2F22%2F3836405-PH.jpg&price=&author=%E4%B8%89%E7%AB%8B%E6%96%B0%E8%81%9E%E7%B6%B2&currency=&sale_price=&sale_currency=&category1=%E5%A8%9B%E6%A8%82&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2022-09-22T22%3A35%3A00Z&url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&description=%E5%90%8D%E5%98%B4%E3%80%81%E8%B3%87%E6%B7%B1%E5%AA%92%E9%AB%94%E4%BA%BA%E5%91%A8%E7%8E%89%E8%94%BB%EF%BC%8C%E8%BF%91%E6%97%A5%E7%A0%B2%E7%81%AB%E7%8C%9B%E6%94%BB%E5%8F%B0%E5%8C%97%E5%B8%82%E9%95%B7%E5%80%99%E9%81%B8%E4%BA%BA%E8%94%A3%E8%90%AC%E5%AE%89%EF%BC%8C%E5%9C%A8%E7%AF%80%E7%9B%AE%E4%B8%AD%E6%8C%87%E5%87%BA%E8%94%A3%E8%90%AC%E5%AE%89%E7%88%B6%E8%A6%AA%E8%94%A3%E5%AD%9D%E5%9A%B4%EF%BC%8C%E5%BE%9E%E7%AB%A0%E6%94%B9%E5%A7%93%E8%94%A3%E7%9A%84DNA%E8%AD%89%E6%93%9A%E6%98%AF%E4%B8%96%E7%B4%80%E9%A8%99%E5%B1%80%EF%BC%8C%E9%82%84%E5%8A%A0%E7%A2%BC%E7%88%86%E5%87%BA%E7%95%B6%E5%B9%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%85%A7%E5%B9%95%EF%BC%8C%E4%BB%8A%EF%BC%8822%EF%BC%89%E6%97%A5%E6%99%9A%E9%96%93%E6%9B%B4%E5%85%AC%E9%96%8B%E4%BA%8B%E4%BB%B6%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%9A%84%E7%9C%9F%E5%AF%A6%E8%BA%AB%E5%88%86%E3%80%81&body_length=461&callback=dbljson4

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.34.29.73 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-29-73.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 78

GET
H2 200 LOGO2.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 8 KB
8 KB 27ms
18ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/LOGO2.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a2229c24af2943e070824e62ee4797532359978c36e319affb023727ef261886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx000001cae0a8fd9b71cb1-00637051f9-329354d9-default
etag: "c31ed0bbb7517eb550c72a40bcc367dc"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7705

GET
H2 200 cta2.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 4 KB
5 KB 28ms
19ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/cta2.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e2d073fec2f5be90e60578570fac7de6364dc9f831d35abcac1b740088389d23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx000006ccfbc6bc179316d-0063705db8-329373d4-default
etag: "8193ac506f0d7b8117d379defb74c5a1"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4362

GET
H2 200 cta1.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 5 KB
6 KB 29ms
21ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/cta1.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: db2442f1518fb962a7444adbd39296f84092fffb1e91447971a750720cd0857e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx00000213e986a2416f209-00637051f9-3293868f-default
etag: "bbaaacf2124353fc33f6de72fa520760"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5469

GET
H2 200 Price.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 2 KB
3 KB 31ms
23ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/Price.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 64f25b1d8fe84f944df73cedb9825e06ae53e2bb9f662dc67ea405393f0c2d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx00000f784d12d83728fad-0063705db8-329354d9-default
etag: "2e0a5e77ea8a0620a862fb4efc41eaf1"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2500

GET
H2 200 MEGADEAL.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 15 KB
15 KB 32ms
25ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/MEGADEAL.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d89cf7d2f9f6b01a67583497b14bd26f4715093a8da2f0d6cf45d59ebd189a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx00000d30e425e4e18f3cb-0063705db8-32941e2b-default
etag: "52a815a050a27f1e4311c8bab07773a4"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15490

GET
H2 200 textsmall.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 38 KB
39 KB 33ms
27ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/textsmall.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e804fc1f825696a3e8c33c5118ae6c0310d5c22efb95c464d8c8b18f1167ae82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx00000147baab03417ff2e-00637051f9-3293868f-default
etag: "31942b1401371fa8b4bade6a8fcd8b56"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 39176

GET
H2 200 PIC.jpg
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 37 KB
37 KB 35ms
29ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/PIC.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b92560850edbb4f572032502694d83349c15bfca7e0887aa30b7f3f313a841b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx00000ef61083e5948253e-0063705db8-329354d9-default
etag: "c17d0d45230266e7d14ee497d145f181"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37553

GET
H2 200 LOGO1.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 11 KB
11 KB 38ms
34ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/LOGO1.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 16f8c930cda82b6e19b5049862a1c8d7f8d0fbd69ed5dc7c0d7959fc978bf242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx00000dca7aafa14f90ebc-0063705db8-32941e2b-default
etag: "2c89f4ef79b87c892bc42ad1f52ded10"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11174

GET
H2 200 BG.png
s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/ Frame 321A 21 KB
21 KB 40ms
36ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11970852/bvpath_258/BG.png
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: af2ee81b605fb1101c66d6897f1fdb859946c030e84f264814cee01f7a1910c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:02 GMT
last-modified: Mon, 07 Nov 2022 10:59:47 GMT
server: nginx
x-amz-request-id: tx0000063073249ced1d390-00637051fb-329354d9-default
etag: "b6860dfd31e513913f93a4af1e1428a1"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21330

GET
H3 200 videoplayback Show response
rr2---sn-4g5edndy.googlevideo.com/ Frame C662 448 KB
448 KB 11ms
9ms Fetch
video/webm 2a00:1450:4001:25::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndy.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbz7k&cms_redirect=yes&cmsv=e&mh=WX&mm=29&mn=sn-4g5edndy&ms=rdu&mt=1668333446&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYSnWhczft73-4Y8UuW6gDBUvdDTp7I3xoxHchOimksgCIQDewiaJKQH6Y2B-eVvAw4EfVvwjp1yl7BwpMSzZarXSMA%3D%3D&sq=3193&rn=9&rbuf=11747&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9771aaa71702026448bf632a150d07ef2eaf17c537fe8763ad854f13abe1706c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
x-sequence-num: 3193
date: Sun, 13 Nov 2022 09:59:02 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032783
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2740336
x-walltime-ms: 1668333542520
x-head-time-millis: 15970006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 459118
x-bandwidth-est-comp: 2740336
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15970
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
x-bandwidth-est3: 2468337
access-control-allow-credentials: true
x-head-seqnum: 3194
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
expires: Sun, 13 Nov 2022 09:59:02 GMT

GET
H3 200 videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 80 KB
80 KB 19ms
16ms Fetch
audio/mp4 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbrMuplEXZljDkKKuN4VWOPg8OsedV3M1E3AJV7TM6U8CIGO3c6AeOwP2GFszb8-B9EKmYstd3Lz_Nqv-9jwasGCL&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&sq=3193&rn=10&rbuf=11758&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

63c63750f6bafa136e5cb4de9a9191552cff5ad5d766ff8ee835387fa5a98446

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
x-sequence-num: 3193
date: Sun, 13 Nov 2022 09:59:02 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032778
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2647601
x-walltime-ms: 1668333542527
x-head-time-millis: 15965001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81959
x-bandwidth-est-comp: 2647601
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15965
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
x-bandwidth-est3: 985189
access-control-allow-credentials: true
x-head-seqnum: 3193
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
expires: Sun, 13 Nov 2022 09:59:02 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3BC9 0
327 B 317ms
128ms Ping
image/gif 2a00:1450:4028:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~laf6prp8&c=8023334879299&slotId=4011667439649.5&qqid=CKOJlOHyqvsCFcV80wod1doAuA&gqid=5r9wY7HsBM_AzQbSpYnoBg&fb=ima_html5-lima&sdkv=h.3.544.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44748969%2C44765701&met.4=ghmsh_s.laf6psav~ghmsh_s.laf6psax&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=o8gMltJTAcQWCJCc
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3BC9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 3BC9 453 B
478 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-5014624497146514

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:12:32 GMT
x-content-type-options: nosniff
age: 2790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Nov 2022 10:02:32 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3BC9 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUpnI5r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEtwJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1KgvwzfsJAUdvImjbhmvZhX7Y_YrUwLRQEeaSOqo_vUK6H8k2FDpF-BRyv1c4Kl-ljBzrpJc9G20ExMCLf9tiUl_j6WUShNntP4b26g0DD8kYqM-5eTuBIZAiAy2-PPLUySjlGugip3UHAcm_O2RaatW7tHQWUhZQQXmU6ovgQHz48ZFxL6iwrwQ9Pz9vuG_bPMiWHXc2WqT5XxatqdaCjzcuq1JH-y-etA8YfgP-m3Jol4zwC8DBdd8Rpc1E_Io13wyM55ObQYo3o2H4_KwNMAEqZ_z5J4E4AQBiAXn6f-ARZIFCAgDEAEYAVABoAZUgAeXr6-2AagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAmgk9aHR0cHM6Ly93d3cuaHl1bmRhaS5kZS9rYW1wYWduZS9sZXQtaHl1bmRhaS1wb3dlci15b3VyLXdvcmxkL7EJyzfn2KQGiPOACgPICwHQCw_gCwG4DAGaDQEPsBPtlekQ2BMC2BQB0BUBqBYB-BYBgBcB&sigh=45hPQ69J4Vg&label=show_ad&sdkv=h.3.544.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NDc5OTAzODk5OTIMNjI2NDUxNjc0NzYwQLwFUiMQDyUAAHBCKAE6CzRkb0FRZ2JfYnVBQglnb29nbGVhZHNQABgB

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 3BC9 0
0 47ms
46ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C0C155r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEuAJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1Kgv4zd--r8ZeEt0xVc2sVJ_8sf3YjvXRkGZRO8NzUA54H8Y1yDpZc5RysR44Kk9lDBz_Zpc9CO8DhOnJAoufEJ3DlWVt9FitnLPLquyVLWnaC--ZRHtDoVAiPm1DfDLU9GiYWigiGjX6QQk_BiSo69XPBzWSJquRh6kqKck0wvTF8oG7aq4eFkiRAfUZNi94sZ1UzRhUIOnMuXKj5ypUF66CrDXTtCdgvijX8xlLW1CC3YRwCQQg4ZAZW8_MfIkw_sMB_SZZyQo0JtsuZDWhHHABKmf8-SeBOAEAZIFCAgbEAEYAVABkgUNCCIQARgBSKTtzQFQAaAGVIAHl6-vtgGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFELuFvgGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbAT7ZXpEMITBhjR0NDJAsgT6oic4QPYEwLYFAHQFQGoFgGAFwGyFx4KHAgAEhRwdWItNzk2ODE0NjUyNTU5Nzk3NhjIv3A&sigh=b8yAc58K7nY&cmd=Ch1jYS12aWRlby1wdWItNzk2ODE0NjUyNTU5Nzk3NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N90g-hdaW7wgsYgkegAUvZzcmN0ftCV-9Kd_pMSIhLPf7D1wx8ymPE57BTNJrA6YklDM_plZ0vGAEgEw&vt=10&sdkv=h.3.544.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NDc5OTAzODk5OTIMNjI2NDUxNjc0NzYwQLwFUiMQDyUAAHBCKAE6CzRkb0FRZ2JfYnVBQglnb29nbGVhZHNQABgB
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 277ms
129ms Ping
image/gif 2a00:1450:4028:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~laf6po5k&c=8023334879299&slotId=4011667439649.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC9 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.544.0&e=44748969%2C44765701&id=ima_html5&c=688084558607989&domain=star.setn.com

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 videoplayback
rr2---sn-n02xgoxufvg3-2gbs.googlevideo.com/ 800 KB
0 93ms
14ms Media
video/mp4 2a01:28:cb6:3::d
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1668362342&ei=5r9wY7rqKtG3mLAP1a-DeA&ip=2a02:6ea0:c71b:0:1012:f2c1:8cef:d889&id=e1da004206ff6ee0&itag=22&source=youtube&requiressl=yes&mh=rL&mm=31&mn=sn-n02xgoxufvg3-2gbs&ms=au&mv=m&mvi=2&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=60.046&lmt=1665318535035317&mt=1668333231&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgTZh8TzmEV-oEK6gFntUOJli1ILjurRNTEJT5YAuMQ9gCIGxiKQf46Bqv_Zx-aU_ChmqM7eb1dgFHAN3BDaQRKsbn&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJRn3DI7j4yZ8eGhFOHfQVvWcxmmX8CPSv45oadg1a30AiEArJGnQB6Tw3nk4WP6lckPQeYchfJlkG1l1d8PkEwNSkc=&cpn=o8gMltJTAcQWCJCc

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:3::d Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://star.setn.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

client-protocol: quic
date: Sun, 13 Nov 2022 09:59:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 09 Oct 2022 12:28:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-4891504/4891505
cache-control: private, max-age=28500
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4891505
expires: Sun, 13 Nov 2022 09:59:02 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3BC9 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUpnI5r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEtwJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1KgvwzfsJAUdvImjbhmvZhX7Y_YrUwLRQEeaSOqo_vUK6H8k2FDpF-BRyv1c4Kl-ljBzrpJc9G20ExMCLf9tiUl_j6WUShNntP4b26g0DD8kYqM-5eTuBIZAiAy2-PPLUySjlGugip3UHAcm_O2RaatW7tHQWUhZQQXmU6ovgQHz48ZFxL6iwrwQ9Pz9vuG_bPMiWHXc2WqT5XxatqdaCjzcuq1JH-y-etA8YfgP-m3Jol4zwC8DBdd8Rpc1E_Io13wyM55ObQYo3o2H4_KwNMAEqZ_z5J4E4AQBiAXn6f-ARZIFCAgDEAEYAVABoAZUgAeXr6-2AagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAmgk9aHR0cHM6Ly93d3cuaHl1bmRhaS5kZS9rYW1wYWduZS9sZXQtaHl1bmRhaS1wb3dlci15b3VyLXdvcmxkL7EJyzfn2KQGiPOACgPICwHQCw_gCwG4DAGaDQEPsBPtlekQ2BMC2BQB0BUBqBYB-BYBgBcB&sigh=45hPQ69J4Vg&label=video_ad_loaded&sdkv=h.3.544.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NDc5OTAzODk5OTIMNjI2NDUxNjc0NzYwQLwFUiMQDyUAAHBCKAE6CzRkb0FRZ2JfYnVBQglnb29nbGVhZHNQABgB

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BC9 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:01:03 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 3BC9 0
0 53ms
52ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C0C155r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEuAJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1Kgv4zd--r8ZeEt0xVc2sVJ_8sf3YjvXRkGZRO8NzUA54H8Y1yDpZc5RysR44Kk9lDBz_Zpc9CO8DhOnJAoufEJ3DlWVt9FitnLPLquyVLWnaC--ZRHtDoVAiPm1DfDLU9GiYWigiGjX6QQk_BiSo69XPBzWSJquRh6kqKck0wvTF8oG7aq4eFkiRAfUZNi94sZ1UzRhUIOnMuXKj5ypUF66CrDXTtCdgvijX8xlLW1CC3YRwCQQg4ZAZW8_MfIkw_sMB_SZZyQo0JtsuZDWhHHABKmf8-SeBOAEAZIFCAgbEAEYAVABkgUNCCIQARgBSKTtzQFQAaAGVIAHl6-vtgGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFELuFvgGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbAT7ZXpEMITBhjR0NDJAsgT6oic4QPYEwLYFAHQFQGoFgGAFwGyFx4KHAgAEhRwdWItNzk2ODE0NjUyNTU5Nzk3NhjIv3A&sigh=b8yAc58K7nY&cmd=Ch1jYS12aWRlby1wdWItNzk2ODE0NjUyNTU5Nzk3NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N90g-hdaW7wgsYgkegAUvZzcmN0ftCV-9Kd_pMSIhLPf7D1wx8ymPE57BTNJrA6YklDM_plZ0vGAEgEw&sdkv=h.3.544.0
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 B28404655.348257247;dc_trk_aid=539708479;dc_trk_cid=176853064;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI5-n_gEWoAuKd0AKwAuqInOEDQDsQs6iSAbngZfZnGc6Lb6fCvC9pEks=;ord=47363...
ad.doubleclick.net/ddm/trackimp/N822516.3772727IWEVIDEO/ Frame 3BC9 42 B
533 B 87ms
30ms Image
image/gif 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N822516.3772727IWEVIDEO/B28404655.348257247;dc_trk_aid=539708479;dc_trk_cid=176853064;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI5-n_gEWoAuKd0AKwAuqInOEDQDsQs6iSAbngZfZnGc6Lb6fCvC9pEks=;ord=473630280;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=14293318310838743836;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMIo4mU4fKq-wIVxXzTCh3V2gC4EAEYASAAEgI52PD_BwE

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3BC9 42 B
64 B 49ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cvg9v5r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEtAJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1KgvwzfsJAUdvImjbhmvZhX7Y_YrUwLRQEeaSOqo_vUK6H8k2FDpF-BRyv1c4Kl-ljBzrpJc9G20ExMCLf9tiUl_j6WUShNntP4b26g0DD8kYqM-5eTuBIZAiAy2-PPLUySjlGugip3UHAcm_O2RaatW7tHQWUhZQQXmU6ovgQHz48ZFxL6iwrwQ9Pz9vuG_bPN6WZeI0xBN1e6rJGwEvvfvaF4H-B_x80Vc6EVT2GdqqHcrXuvoSzCtlr8bC22FWhy7hGFmQR7beV7ZV8AEqZ_z5J4E4AQBiAXn6f-ARaAGVIAHl6-vtgGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbAT7ZXpENgTAtgUAdAVAagWAfgWAYAXAQ&sigh=xoC6vjl1vTs&cmd=Ch1jYS12aWRlby1wdWItNzk2ODE0NjUyNTU5Nzk3NhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543064%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1668333542858&sdkv=h.3.544.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NDc5OTAzODk5OTIMNjI2NDUxNjc0NzYwQLwFUiYQDyUAAHBCKAE6CzRkb0FRZ2JfYnVBQglnb29nbGVhZHNIzQFQABgB

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3BC9 42 B
64 B 47ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP32R5BMRjhnvauY9D8iATHXLluc-QXk9WbuI6rJZ6ViptzXsv9OICLWIP1B09wYhspbcwHD4PBEUUcfLNH1r24DlAMvu0fgvG-aoQqykmlb7svlTc2GPg_PLR56gv9VUqFKRfgQ&sai=AMfl-YRVrRkGU6f005Pu59kKKSgdyLKfMfUIzscdit_m3X4vr7HK31KOQqG44cGS2GAQJV6qDQXMRt7yMMYNA4UqErSupax7looorh9rVY6AtrYDQVzeZ3LdSJOpOHNQaA&sig=Cg0ArKJSzNns9Xru-Sl9EAE&cid=CAQSOwDq26N90g-hdaW7wgsYgkegAUvZzcmN0ftCV-9Kd_pMSIhLPf7D1wx8ymPE57BTNJrA6YklDM_plZ0vGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543066%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858&avm=1

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 3BC9 42 B
64 B 19ms
16ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=14293318310838743836&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543066%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858?

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3BC9 42 B
494 B 83ms
52ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543066%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858?

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3BC9 42 B
64 B 51ms
48ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cvg9v5r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEtAJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1KgvwzfsJAUdvImjbhmvZhX7Y_YrUwLRQEeaSOqo_vUK6H8k2FDpF-BRyv1c4Kl-ljBzrpJc9G20ExMCLf9tiUl_j6WUShNntP4b26g0DD8kYqM-5eTuBIZAiAy2-PPLUySjlGugip3UHAcm_O2RaatW7tHQWUhZQQXmU6ovgQHz48ZFxL6iwrwQ9Pz9vuG_bPN6WZeI0xBN1e6rJGwEvvfvaF4H-B_x80Vc6EVT2GdqqHcrXuvoSzCtlr8bC22FWhy7hGFmQR7beV7ZV8AEqZ_z5J4E4AQBiAXn6f-ARaAGVIAHl6-vtgGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbAT7ZXpENgTAtgUAdAVAagWAfgWAYAXAQ&sigh=xoC6vjl1vTs&cmd=Ch1jYS12aWRlby1wdWItNzk2ODE0NjUyNTU5Nzk3NhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543067%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858&sdkv=h.3.544.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NDc5OTAzODk5OTIMNjI2NDUxNjc0NzYwQLwFUiYQDyUAAHBCKAE6CzRkb0FRZ2JfYnVBQglnb29nbGVhZHNIzQFQABgB

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3BC9 42 B
107 B 84ms
53ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543067%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858?

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC9 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.544.0&e=44748969%2C44765701&id=ima_html5&c=688084558607989&domain=star.setn.com

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3BC9 42 B
64 B 50ms
47ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cvg9v5r9wY6P-BsX5zQbVtYPAC9CE_phtl5TFpd0QsJAfEAEg0LHcZWCVuq2CtAegAdHQ0MkCyAEFqQJAMbvREFyxPuACAKgDAZgEAKoEtAJP0BFpiMpUdt5OFcCfxV9t7dKHkeauWS9eyCn4PfsopMfWBgA6KRC8OZ41bx69aCrc5tAQIL5Stn3_4Xv0uF0KRQz9XaPZkJrggX9p5kp1GzVziaCsYxgPi-dztB9DShBJOJDsX9Jq1KgvwzfsJAUdvImjbhmvZhX7Y_YrUwLRQEeaSOqo_vUK6H8k2FDpF-BRyv1c4Kl-ljBzrpJc9G20ExMCLf9tiUl_j6WUShNntP4b26g0DD8kYqM-5eTuBIZAiAy2-PPLUySjlGugip3UHAcm_O2RaatW7tHQWUhZQQXmU6ovgQHz48ZFxL6iwrwQ9Pz9vuG_bPN6WZeI0xBN1e6rJGwEvvfvaF4H-B_x80Vc6EVT2GdqqHcrXuvoSzCtlr8bC22FWhy7hGFmQR7beV7ZV8AEqZ_z5J4E4AQBiAXn6f-ARaAGVIAHl6-vtgGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbAT7ZXpENgTAtgUAdAVAagWAfgWAYAXAQ&sigh=xoC6vjl1vTs&cmd=Ch1jYS12aWRlby1wdWItNzk2ODE0NjUyNTU5Nzk3NhAAGAI&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543072%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858&sdkv=h.3.544.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NDc5OTAzODk5OTIMNjI2NDUxNjc0NzYwQLwFUiYQDyUAAHBCKAE6CzRkb0FRZ2JfYnVBQglnb29nbGVhZHNIzQFQABgB

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3BC9 42 B
107 B 83ms
53ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D60000%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333543072%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1668333542858?

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 277ms
276ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.start&aui=22967&aup=breaktime_adx_5&auo=7&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=5885531291300594
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A96 23 KB
9 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 325353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 15:36:30 GMT
expires: Thu, 09 Nov 2023 15:36:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A96 36 KB
16 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 00:44:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3BC9 0
54 B 126ms
125ms Ping
image/gif 2a00:1450:4028:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~laf6psc8&c=8023334879299&slotId=4011667439649.5&qqid=CKOJlOHyqvsCFcV80wod1doAuA&gqid=5r9wY7HsBM_AzQbSpYnoBg&fb=ima_html5-lima&sdkv=h.3.544.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.laf6pscb~vss_tr.pt~ff.laf6psik
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A96 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.544.0&bgai=Be7hk5r9wY6P-BsX5zQbVtYPACwAAAAA4AboFEwix95Hh8qr7AhVPYNMKHdJSAm0&bg=!u7iluPzNAAbvMpMzzzI7ACkAdvg8WkNafZ1hygER5awW32xfHbsljRJ108yMAcjkqqKoeG-NH1082wIAAABYUgAAAAJoAQcKAS32rEOHrrDMhhymupXygLSGncGpnUkUccX8dqecjG20hinSj-sYx-cgve0i1wFlH47NuexmGajLaXXIjfKMh_5vC-7ziCbzpLeNbWzoQOll-z3-V_RscY9SLs-tkJ1TPEeCo6U7anomFm22TzRMuha1RgplbcnV0mBbhBOAp0Mq1IVwQH1rkhxcmWt_xSYiDrPQM_XFOzWkPygUN9422ZXIatM4FmEQFbVaIgkGz1gBW6iTcw71r74jAZt7VQMBtezgpWoH3EGq9OfhBczIyKdtBwBIkFXnlb8trf0SI6uLYGzJI6NKHinV3HXtpX_b8BtsMjEGbhv7jZ5et-S1llgzRMBAq9GJBv4rIlyeZy_EmxVTa6-53Jkl-UmgQB3B5DvV323x16bKMeySt7O6mQJIhNRsMfz6QHvWtCrU2DgbDNAxvH1Sw9NO59jlpqzZy9XFfrDTHJaEQwCnT-zx5H_wqHyc5LZkSBi7R70G7lERjQ-BYAE8STM2vW-KRdSJWQpGqGfgwE5gS_BIUJOXvvvOs_J3cVu-_OFlGFSSwC2HXPvZF86ubTH_Zxp0FIUC1CgIw5Hqc2uRurbqzlCIai0RcF4vC5Obvj2PZEyw9KIvLlRlhWECTY5JuklulGSOWJIAuJWASkx6iDShmkGrkv9v-P4a1RToDnRJqybdObUQ4peM7aC0CVWNcdkuQ09cNsqFjSYwbc-y_NYkejEWKErM8IiB462KlV7hRH1lbxwUmwt5gM3Kg8UeMFV07DFLDhOEMG9DSKzBs4A-dh2EJLeIJS2yJhGsFIlTYPXL1m8xUznHYhxO8WykCFHarKBj04TuhJomQMsWkXiUqcSMIvRy_Nsu1ch7SqI-NnbjvWdRvIbiBdHlZsm8bqOSMsJt7RurDAkcWpABPR0booZXLfPixi70dYkkZM3uO9YfsMiYWz_8dCPzh2YfmxV7_zPnMxgT9LdaOyas6KzjS9qBbSb59ENINu_SqovbO4YqDZrSJ8cIFYbDEysX30Ucmq7wofDbc2nbN_6eO5IOzuzNMzjxewO3wLqbKBxYeAvelzy__KcLqYHB32xY52S5_NPzP6PwUcrG-rRWfXL4Jh6wT91F6naNAa15M-k7lgFBtR5GVmeXxowXW8x31veDZ1UaEepqZMr0pqt_VvT1B_Qg58MxZ27X7RQfHNI

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 3BC9 0
0 95ms
28ms Image
text/html 2a00:1450:400c:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44765701&el=adunit&cpn=o8gMltJTAcQWCJCc&docid=4doAQgb_buA&visitordata=CgtCeXR0bEFFRWl0RQ%253D%253D&ver=2&cmt=0.209&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fstar.setn.com%2F&len=60.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=107.0.5304.110&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame C662 0
22 B 20ms
19ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=GtbrCDB2vZGbVKBV&ver=2&cmt=15954.683&fmt=244&fs=0&rt=6.98&euri=https%3A%2F%2Fstar.setn.com%2F&lact=7457&live=dvr&cl=486528943&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&delay=5&hl=de_DE&cr=DE&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24230619%2C24255165%2C24288488%2C24292955%2C24293803%2C24406605%2C24407199%2C24408610%2C24413559%2C24416290&afmt=140&lio=1668317565.788&muted=1&docid=NA9Jlcekyik&ei=4L9wY86DLv63x_APgdeRkAc&plid=AAXtVyvT8G98Dour&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNA9Jlcekyik%3Fwidget_referrer%3Dhttps%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fstar.setn.com%26widgetid%3D1&of=Q-x-uO9svJJGJhdOazSARw&vm=CAEQARgEOjJBUEV3RWxRMVhwUHBKUzNXcUZNa1o5d29Wby1ldmlXc0V2UFpFd1d5WUpUWFZ2bGxVd2JUQVBta0tES1g3eDhCZFA4YzlOYmxwanVaYy1XUjR3bVN3WjhpVjd1VVotUUlXOWlnSVIzQjVyVjFoXzdJOWJQNkdUTkJHNGZRZnZ1YUJJLWtkWUhoaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A64B 0
127 B 17ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:59:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame BBA0 15 B
363 B 43ms
42ms XHR
application/json 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration: 0
Referer: https://geo.dailymotion.com/
accept-language: de-DE,de;q=0.9
X-Dm-EventBus-Compression-Duration: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Sun, 13 Nov 2022 09:59:04 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

OPTIONS
H/1.1 200
OK /
pebed.dm-event.net/ Frame 0
0 21ms
21ms Preflight 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method: POST
Origin: https://geo.dailymotion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Content-Length: 0
Date: Sun, 13 Nov 2022 09:59:04 GMT
Server: edward-ed/2.2.1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C4BD 35 B
478 B 21ms
21ms Ping
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7724760076277174534@@59299047,6462448572316214283,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|uklA2jd8zdZcPlakbYq96Ztg9fSIOkEx_wvQH2hSZshpY5UdsEIRc_L_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900021.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 204 delayplay Show response
www.youtube.com/api/stats/ Frame C662 0
20 B 18ms
17ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/delayplay?ns=yt&el=embedded&cpn=GtbrCDB2vZGbVKBV&ver=2&cmt=15955.44&fmt=244&fs=0&rt=7.738&euri=https%3A%2F%2Fstar.setn.com%2F&lact=8215&live=dvr&cl=486528943&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&delay=5&hl=de_DE&cr=DE&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24230619%2C24255165%2C24288488%2C24292955%2C24293803%2C24406605%2C24407199%2C24408610%2C24413559%2C24416290&afmt=140&lio=1668317565.774&size=888%3A500&inview=0&muted=1&docid=NA9Jlcekyik&ei=4L9wY86DLv63x_APgdeRkAc&plid=AAXtVyvT8G98Dour&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNA9Jlcekyik%3Fwidget_referrer%3Dhttps%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fstar.setn.com%26widgetid%3D1&of=Q-x-uO9svJJGJhdOazSARw&vm=CAEQARgEOjJBUEV3RWxRMVhwUHBKUzNXcUZNa1o5d29Wby1ldmlXc0V2UFpFd1d5WUpUWFZ2bGxVd2JUQVBta0tES1g3eDhCZFA4YzlOYmxwanVaYy1XUjR3bVN3WjhpVjd1VVotUUlXOWlnSVIzQjVyVjFoXzdJOWJQNkdUTkJHNGZRZnZ1YUJJLWtkWUhoaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:04 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/ Frame C662
Redirect Chain

https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442...

0
0

OPTIONS
H3 204 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442&cv_attributed=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset
Access-Control-Request-Method: GET
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 09:59:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 videoplayback Show response
rr2---sn-4g5edndy.googlevideo.com/ Frame C662 482 KB
482 KB 9ms
9ms Fetch
video/webm 2a00:1450:4001:25::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndy.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbz7k&cms_redirect=yes&cmsv=e&mh=WX&mm=29&mn=sn-4g5edndy&ms=rdu&mt=1668333446&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYSnWhczft73-4Y8UuW6gDBUvdDTp7I3xoxHchOimksgCIQDewiaJKQH6Y2B-eVvAw4EfVvwjp1yl7BwpMSzZarXSMA%3D%3D&sq=3194&rn=11&rbuf=14596&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d0fbe6623e329db4cee1966e594d8d3a99376956b933f1f47ff603ea6fe1ea83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
x-sequence-num: 3194
date: Sun, 13 Nov 2022 09:59:04 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032803
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 3156401
x-walltime-ms: 1668333544670
x-head-time-millis: 15970006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 493103
x-bandwidth-est-comp: 3156401
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15970
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21292
x-bandwidth-est3: 2468337
access-control-allow-credentials: true
x-head-seqnum: 3194
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
expires: Sun, 13 Nov 2022 09:59:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6A1D 0
127 B 17ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:59:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 79 KB
79 KB 322ms
322ms Fetch
audio/mp4 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbrMuplEXZljDkKKuN4VWOPg8OsedV3M1E3AJV7TM6U8CIGO3c6AeOwP2GFszb8-B9EKmYstd3Lz_Nqv-9jwasGCL&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&sq=3194&rn=12&rbuf=14337&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3376e1d187b260cfd89722ad517a2c9a8f04495b31579fb65049915f51b516d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sun, 13 Nov 2022 09:59:05 GMT
x-sequence-num: 3194
date: Sun, 13 Nov 2022 09:59:05 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032798
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2857243
x-walltime-ms: 1668333545193
x-head-time-millis: 15970006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 2857243
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15970
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21291
x-bandwidth-est3: 985189
access-control-allow-credentials: true
x-head-seqnum: 3194
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H2 200 111200_140x270.jpg
attach.setn.com/images/ 18 KB
18 KB 37ms
36ms Image
image/jpeg 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attach.setn.com/images/111200_140x270.jpg
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c003e3a7f837e632de8240a229decb256484f990d909f3d0f80f3f146a5b1d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:58:26 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 03:12:01 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 39
etag: "6ed24b8ffc7be03eb5ce67c89d2cf42d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18506
x-amz-cf-id: QVHfDzeANMJv6jJ3KkFLvPGN1IFD96CKyS_VjjviOSWQxXZU0IM9wQ==

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 33ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333545047&oz_l=713&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:59:04 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media1/ 43 B
57 B 278ms
277ms Image
image/gif 35.227.207.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a&ea=ad.viewable&aui=22967&aup=breaktime_adx_5&auo=7&aut=google&pp=315%2C177.1875%2C0%2C990.8125&bp=1600%2C1200&wp=1600%2C8133%2C0%2C0&pgu=https%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249&pgt=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&sid=glia-tw_starsetn_desktop&sk=tw_starsetn_desktop&si=tw_starsetn_desktop&sa=tw_starsetn&pt=DailyMotion&pv=0.3.80&ab=0&ta=0&cb=6333605017275306
Requested by: Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://star.setn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:05 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3BC9 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP32R5BMRjhnvauY9D8iATHXLluc-QXk9WbuI6rJZ6ViptzXsv9OICLWIP1B09wYhspbcwHD4PBEUUcfLNH1r24DlAMvu0fgvG-aoQqykmlb7svlTc2GPg_PLR56gv9VUqFKRfgQ&sai=AMfl-YRVrRkGU6f005Pu59kKKSgdyLKfMfUIzscdit_m3X4vr7HK31KOQqG44cGS2GAQJV6qDQXMRt7yMMYNA4UqErSupax7looorh9rVY6AtrYDQVzeZ3LdSJOpOHNQaA&sig=Cg0ArKJSzNns9Xru-Sl9EAE&cid=CAQSOwDq26N90g-hdaW7wgsYgkegAUvZzcmN0ftCV-9Kd_pMSIhLPf7D1wx8ymPE57BTNJrA6YklDM_plZ0vGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D2035,0,0,0,0%26mtos%3D2035,2035,2035,2035,2035%26amtos%3D0,0,0,0,0%26mcvt%3D2035%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2035%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D618%26pst%3D413%26dur%3D60000%26vmtime%3D1801%26dtos%3D2035%26dtoss%3D1%26dvs%3D2024%26dfvs%3D2024%26dvpt%3D2024%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333545097%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2035&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668333542858

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 3BC9 42 B
64 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=14293318310838743836&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D2035,0,0,0,0%26mtos%3D2035,2035,2035,2035,2035%26amtos%3D0,0,0,0,0%26mcvt%3D2035%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2035%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D618%26pst%3D413%26dur%3D60000%26vmtime%3D1801%26dtos%3D2035%26dtoss%3D1%26dvs%3D2024%26dfvs%3D2024%26dvpt%3D2024%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333545097%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2035&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668333542858?

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D2035,0,0,0,0%26mtos%3D2035,2035,2035,2035...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3BC9 42 B
63 B 62ms
46ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14293318310838743836;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D991,0,1168,315%26tos%3D2035,0,0,0,0%26mtos%3D2035,2035,2035,2035,2035%26amtos%3D0,0,0,0,0%26mcvt%3D2035%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2035%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D618%26pst%3D413%26dur%3D60000%26vmtime%3D1801%26dtos%3D2035%26dtoss%3D1%26dvs%3D2024%26dfvs%3D2024%26dvpt%3D2024%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D880%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D586567152%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1668333537418%26ptlt%3D1668333545097%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2035;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668333542858?

Requested by

Host: star.setn.com
URL: https://star.setn.com/news/1181936?from=y&ClickIP=198.59.191.249

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D139 0
127 B 17ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 09:59:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame C662 0
22 B 16ms
15ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=140&cpn=GtbrCDB2vZGbVKBV&el=embedded&ns=yt&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24230619%2C24255165%2C24288488%2C24292955%2C24293803%2C24406605%2C24407199%2C24408610%2C24413559%2C24416290&cl=486528943&live=dvr&seq=2&docid=NA9Jlcekyik&ei=4L9wY86DLv63x_APgdeRkAc&event=streamingstats&plid=AAXtVyvT8G98Dour&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNA9Jlcekyik%3Fwidget_referrer%3Dhttps%253A%252F%252Fstar.setn.com%252Fnews%252F1181936%253Ffrom%253Dy%2526ClickIP%253D198.59.191.249%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fstar.setn.com%26widgetid%3D1&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&lra=0.242:20&cat=manifestless,live-segment-5.0&stream=1.414:A&user_intent=0&bh=2.466:4.892,2.467:4.892,8.794:18.477,10.001:17.412&e2el=2.466:23.252,8.794:23.221&cmt=2.467:15950.119,3.240:15950.943,10.001:15957.703&vps=2.467:PL,10.001:PL&bwm=10.001:2920208:3.753&bwe=10.001:932713&bat=10.001:1:1&df=10.001:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmM1RmSjBBTEJQWSjf_8KbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668333536119&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C888%2C500&vis=1&wgl=true&ca_type=image&bid=ANyPxKpaJ06RQtHHzIQ7LIz9x6f-zJZVgE5E447DIISEqBl2M7faGXLpdEPjN0X_Qy4HK3hSgX4KLABlTX-DwEJK8Jxmcq5K0Q

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 202211130200 Show response
ad.setn.com/api/Tracker/Get/1/22078/ Frame 7BCE 17 B
343 B 30ms
30ms XHR
application/json 18.64.119.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.setn.com/api/Tracker/Get/1/22078/202211130200
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-96.txl50.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b479a3d07de2ad89bc0bee8b3660b6bd352e4c9738385aa4d712a7e66dfb5ad

Request headers

Accept: */*
Referer: https://star.setn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 09:59:03 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: TXL50-P4
age: 2
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 17
x-amz-cf-id: -qNiDYz-Ys2s3_u1A8SzL6uh_ziNKWF2Z7c0fCikHj_UWRcyVq3ugw==
expires: -1

GET
H3 200 videoplayback Show response
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Frame C662 80 KB
80 KB 309ms
308ms Fetch
audio/mp4 2a01:28:cb6:4::12
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=WX&mm=44%2C29&mn=sn-n02xgoxufvg3-2gbz%2Csn-4g5e6nsy&ms=lva%2Crdu&mv=u&mvi=7&pl=48&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&mt=1668332466&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbrMuplEXZljDkKKuN4VWOPg8OsedV3M1E3AJV7TM6U8CIGO3c6AeOwP2GFszb8-B9EKmYstd3Lz_Nqv-9jwasGCL&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAPNAxASe712jqDyaYQpV7AhjkT3qzWXRaQTkqClblytOAiAkWrF3GwJatgmPqRFFQs2t56eP3F5aucrTVSRjDnlrtQ%3D%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&sq=3195&rn=13&rbuf=17420&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a01:28:cb6:4::12 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

24bcae780e492301c67f404efad970477afd44ab5705a797b282e093e76ebae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sun, 13 Nov 2022 09:59:07 GMT
x-sequence-num: 3195
date: Sun, 13 Nov 2022 09:59:07 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032818
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2857243
x-walltime-ms: 1668333547096
x-head-time-millis: 15975011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 2857243
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15975
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21289
x-bandwidth-est3: 985189
access-control-allow-credentials: true
x-head-seqnum: 3195
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
client-protocol: quic

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/ Frame 7984 0
145 B 32ms
32ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.81.0/619621/AaHdyD4OEAHlcKgY/postback?pd=avt&pv=97ee11b2-c92e-471f-987c-15e60ca83978&pp=pub-7415831428202174&c1=12460949&ti=7508491101934025004&sr=4&si=1239870914&cr=11050095&ai=215543&r1=2a02%3A6ea0%3Ac71b%3A%3A&di=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936&ap=&de=43003&ac=1230238&r2=&r3=&ci=619621&dt=6196211556140246740000&ui=d77f3a0a-0000-0000-0000-000000000000&dm=300x250&sid=AaHdyD4OEAHlcKgY&oz_sc=094e6c9e57606cd049bbb53d&oz_df=1668333546886&oz_l=324&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.81.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Nov 2022 09:59:06 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 videoplayback Show response
rr2---sn-4g5edndy.googlevideo.com/ Frame C662 391 KB
391 KB 723ms
723ms Fetch
video/webm 2a00:1450:4001:25::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndy.googlevideo.com/videoplayback?expire=1668355136&ei=4L9wY86DLv63x_APgdeRkAc&ip=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Af2c1%3A8cef%3Ad889&id=NA9Jlcekyik.1&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=yt_live_broadcast&requiressl=yes&spc=SFxXNuIyrE6IgpPMoCTR6r83LOChrHk&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ICrXS78sY_JgeKSv2m-Z2QwJ&gir=yes&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=GHTfm7-mhM-D8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhANRxIQXCxTtsQw-f9ezyYKghESRsyRyZoGHX8znk6452AiEA32o5PrmGz1b2LkEfxsGY7YzFDxNIZnsXxl4hlva2OPk%3D&alr=yes&cpn=GtbrCDB2vZGbVKBV&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbz7k&cms_redirect=yes&cmsv=e&mh=WX&mm=29&mn=sn-4g5edndy&ms=rdu&mt=1668333446&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYSnWhczft73-4Y8UuW6gDBUvdDTp7I3xoxHchOimksgCIQDewiaJKQH6Y2B-eVvAw4EfVvwjp1yl7BwpMSzZarXSMA%3D%3D&sq=3195&rn=14&rbuf=16885&pot=DzUkI4iJdz86NRwyWWywWQ2MJl46rccueHJlM5Ws3MxWiWF30PvRINtcTYSMKMMmBI1kDI6EiX3365yqqh0doZKkS_MnobhZfZy8gcWWtN5LvO-ZQKfVC4qocOTUwD1MNMYIPMc=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b2507cdc8624ac0f6aa8365b2b8e502034238ded3eb688347eef4b08024cd297

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sun, 13 Nov 2022 09:59:07 GMT
x-sequence-num: 3195
date: Sun, 13 Nov 2022 09:59:07 GMT
x-content-type-options: nosniff
x-segment-lmt: 1668317572032823
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2904187
x-walltime-ms: 1668333547851
x-head-time-millis: 15975011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 2904187
last-modified: Sun, 13 Nov 2022 05:32:52 GMT
x-bandwidth-app-limited: false
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 15975
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21289
x-bandwidth-est3: 2468337
access-control-allow-credentials: true
x-head-seqnum: 3195
timing-allow-origin: https://www.youtube.com
x-bandwidth-est-app-limited: false
client-protocol: quic

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&time=1668333534676&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&random_number=20405123666&sess_cookie=17162bea184706d7dd3313d9738&sess_cookie_flag=1&user_cookie=17162bea184706d7dd3313d9738&user_cookie_flag=1&dynamic=true&domain=setn.com&account=dMuYi1a8Dy00yP&jsv=20130128&user_lang=en-US

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=500&frame_width=888&iframe=1&title=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&time=1668333535568&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&host_url=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&random_number=630242780&sess_cookie=17162bea184706d7dd3313d9738&sess_cookie_flag=0&user_cookie=17162bea184706d7dd3313d9738&user_cookie_flag=0&dynamic=true&domain=setn.com&account=dMuYi1a8Dy00yP&jsv=20130128&user_lang=en-US

Domain: star.sanlih.com.tw
URL: https://star.sanlih.com.tw/Content/images/imgNewsBg.png

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442&cv_attributed=0

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
star.setn.com/vod/live	1970-01-20 17:01:33	Name: userKey Value: 52eea2e7-89cd-4de5-9353-401feac64b17
star.setn.com/news	1970-01-20 07:25:35	Name: m_adRecycle Value: 1
star.setn.com/news	1969-12-31 23:59:59	Name: m_adRecycleCount Value: 1
star.setn.com/news	1970-01-20 17:01:33	Name: userKey Value: 52eea2e7-89cd-4de5-9353-401feac64b17
.setn.com/	1970-01-20 07:25:35	Name: __asc Value: 17162bea184706d7dd3313d9738
.setn.com/	1970-01-20 16:12:35	Name: __auc Value: 17162bea184706d7dd3313d9738
.star.setn.com/	1970-01-20 17:01:33	Name: _ga Value: GA1.3.1838979132.1668333535
.star.setn.com/	1970-01-20 07:26:59	Name: _gid Value: GA1.3.18956011.1668333535
.star.setn.com/	1970-01-20 07:25:33	Name: _gat_setn Value: 1
.setn.com/	1970-01-20 16:51:28	Name: _pk_id.6.01c3 Value: 19a8920cf5046ce9.1668333535.
.setn.com/	1970-01-20 07:25:35	Name: _pk_ses.6.01c3 Value: 1
setana.setn.com/	1970-01-20 07:25:33	Name: AWSELB Value: F96999630200DE312731427B5C459E2400C569ABFA5F31B0D7677F6DB142EB98B301BFA274FF9DA77DE3A9E16967D8B2B4E96828D4A70A39AF90A9E87428D700C10749FE4B
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Ps5mIAhTwBw
.youtube.com/	1970-01-20 11:44:45	Name: VISITOR_INFO1_LIVE Value: f3TfJ0ALBPY
.setn.com/	1970-01-20 07:26:59	Name: _gid Value: GA1.2.18956011.1668333535
.setn.com/	1970-01-20 07:25:33	Name: _dc_gtm_UA-117496391-1 Value: 1
.dable.io/	1970-01-20 07:26:24	Name: _skp Value: 1
.dable.io/	1970-01-20 07:43:40	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 07:43:40	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 07:43:40	Name: _nh_ck_match Value: 1
.doubleclick.net/	1970-01-20 16:47:09	Name: IDE Value: AHWqTUmJEdiNCouQc53MQ0K9pxH8G-TtwIRb-1zwYduXvI-I5wgOnsxhPYN3FRLWMXc
.star.setn.com/	1970-01-20 17:01:33	Name: dable_uid Value: 00000000.0000000000000
.setn.com/	1970-01-20 09:35:09	Name: _fbp Value: fb.1.1668333536014.2057579595
star.setn.com/	1970-01-20 07:25:35	Name: gliaplayer_ssid Value: c9565f40-6339-11ed-9c9a-7f3bd0c0ff0a
.setn.com/	1970-01-20 16:11:09	Name: _ss_pp_id Value: 9d644a1bae4cdd602d41668333536071
.spotxchange.com/	1970-01-20 08:05:52	Name: audience Value: c96ab50e-6339-11ed-a6b3-1348667f0506
.toast.com/	1970-01-20 17:01:33	Name: BID Value: W7ACADF5OLKV47CAD9QGAYK5Y
.toast.com/	1970-01-20 11:44:45	Name: txmed_1440080439 Value: 00000000.0000000000000_:_EXP_:_1683885536
.toast.com/	1970-01-20 11:44:45	Name: txsync Value: 1668333536
.setn.com/	1970-01-20 16:47:09	Name: __gpi Value: UID=00000b809f7813dd:T=1668333535:RT=1668333535:S=ALNI_MZvLirpOwQgiP_r1k-Ghx6Ca1gp1g
.setn.com/	1970-01-20 17:01:33	Name: _ga Value: GA1.2.1838979132.1668333535
.star.setn.com/	1970-01-20 08:08:45	Name: _im_vid Value: 01GHR6V1XADS63FMRP01FTV74E
.mathtag.com/	1970-01-20 16:11:09	Name: uuid Value: 1b3e6370-bfe1-4501-a1c5-43d0490ea376
.popin.cc/	1970-01-20 16:11:09	Name: uid Value: 9d644a1bae4cdd602d41668333536071
.admixer.co.kr/	1970-01-20 17:01:33	Name: __auid Value: 54ab7e149015e337727d7271e3a04b29
.admixer.co.kr/	1970-01-20 17:01:33	Name: __puid_120 Value: 00000000.0000000000000
.admixer.co.kr/	1970-01-20 17:01:33	Name: __id_utm Value: 20221113
.admixer.co.kr/	1970-01-20 17:01:33	Name: __id_inf_120 Value: 0_00000000.0000000000000
.setn.com/	1970-01-20 17:01:33	Name: _td Value: 8470fb64-0bb7-4fdd-bd11-cc80143aa261
.ad.daum.net/	1970-01-20 09:35:09	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220221113%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.in.treasuredata.com/	1970-01-20 17:01:33	Name: _td_global Value: c990724d-2dfc-4c13-90b9-009db80a38bb
.dailymotion.com/	1969-12-31 23:59:59	Name: dmvk Value: 6370bfe28c7c4
.dailymotion.com/	1970-01-20 16:54:21	Name: ts Value: 763964
.dailymotion.com/	1970-01-20 16:54:21	Name: v1st Value: F31F43E65557F63A1BB6BA6969BAE7D8
.adform.net/	1970-01-20 08:08:45	Name: C Value: 1
onead.onevision.com.tw/	1970-01-20 16:11:09	Name: onevision_guid Value: cad1c350-6339-11ed-974d-0242ac130002
.ds.kakao.com/	1970-01-20 09:35:09	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220221113%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.adform.net/	1970-01-20 08:51:57	Name: uid Value: 7724760076277174534
.adform.net/	1970-01-20 07:35:38	Name: TPC Value: 1668333539035
.setn.com/	1970-01-20 17:01:33	Name: _ga_8NJ3QZRCY6 Value: GS1.1.1668333535.1.0.1668333539.0.0.0
.dailymotion.com/	1970-01-20 16:54:21	Name: usprivacy Value: 1---
.setn.com/	1970-01-20 16:11:09	Name: FCNEC Value: %5B%5B%22AKsRol_yPt2xoIpG-6VfGtFiGhdd4sjc49_a5SZaYamV2c44oxZJ_Jeaajf1v6-meKhYA2kWQJYq8rJdDuiZOFOxg1xOBO6CZMALibwBLwB5QHqYD2klFeNrywUvhYyJI2TLAQQsO6DwBbHVBhLRxzmG1kQz5HqkgQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.setn.com/	1970-01-20 16:47:09	Name: __gads Value: ID=64f264759eb0c061:T=1668333535:S=ALNI_MaB7QgB1q2Nbo7TEhnA4p3UyOHAGA

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E5%91%A8%E7%8E%89%E8%94%BB%E5%85%A8%E8%AA%AA%E4%BA%86%EF%BC%81%E8%94%A3%E5%AD%9D%E5%9A%B4%E3%80%8C%E6%99%B6%E8%8F%AF%E7%B7%8B%E8%81%9E%E6%A1%88%E3%80%8D%E5%A5%B3%E4%B8%BB%E8%A7%92%E7%AB%9F%E6%98%AF%E5%A5%B9%EF%BC%9A%E6%8F%AD%E9%96%8B%E5%A4%9A%E5%B9%B4%E7%9C%9F%E7%9B%B8%20%7C%20%E5%A8%9B%E6%A8%82%E6%98%9F%E8%81%9E&time=1668333534676&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&random_number=20405123666&sess_cookie=17162bea184706d7dd3313d9738&sess_cookie_flag=1&user_cookie=17162bea184706d7dd3313d9738&user_cookie_flag=1&dynamic=true&domain=setn.com&account=dMuYi1a8Dy00yP&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=500&frame_width=888&iframe=1&title=2022%E6%A1%83%E5%9C%92%E5%9F%8E%E5%B8%82%E9%9B%BB%E7%AB%B6%E5%98%89%E5%B9%B4%E8%8F%AF-%E7%AC%AC%E4%BA%8C%E5%A4%A9&time=1668333535568&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&host_url=https%3A%2F%2Fstar.setn.com%2Fvod%2Flive%2F22078%3Fpagegroupid%3D8&random_number=630242780&sess_cookie=17162bea184706d7dd3313d9738&sess_cookie_flag=0&user_cookie=17162bea184706d7dd3313d9738&user_cookie_flag=0&dynamic=true&domain=setn.com&account=dMuYi1a8Dy00yP&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://ad.setn.com/api/Tracker/Create/1/22078/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://geo.dailymotion.com/libs/player/x9u8j.js?GK_PV5_OMSDK=0(Line 51) Message: Allow attribute will take precedence over 'allowfullscreen'.
worker	error	URL: blob:https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/5934e85f-837d-481e-865e-cd2595b9becd Message: Mixed Content: The page at 'blob:https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/5934e85f-837d-481e-865e-cd2595b9becd' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/5934e85f-837d-481e-865e-cd2595b9becd Message: Mixed Content: The page at 'blob:https://3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com/5934e85f-837d-481e-865e-cd2595b9becd' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker	info	URL: blob:https://geo.dailymotion.com/15c91a0a-43cb-4a6f-a9d9-1e738b50fa81 Message: [log] > manifest codec:mp4a.40.5,ADTS data:type:2,sampleingIndex:7[22050Hz],channelConfig:2
worker	info	URL: blob:https://geo.dailymotion.com/15c91a0a-43cb-4a6f-a9d9-1e738b50fa81 Message: [log] > parsed codec:mp4a.40.5,rate:22050,nb channel:2
worker	info	URL: blob:https://geo.dailymotion.com/15c91a0a-43cb-4a6f-a9d9-1e738b50fa81 Message: [log] > audio sampling rate : 22050
javascript	warning	URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920 Message: The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	error	URL: https://www.youtube.com/embed/NA9Jlcekyik?widget_referrer=https%3A%2F%2Fstar.setn.com%2Fnews%2F1181936%3Ffrom%3Dy%26ClickIP%3D198.59.191.249&enablejsapi=1&origin=https%3A%2F%2Fstar.setn.com&widgetid=1 Message: Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442&cv_attributed=0' (redirected from 'https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442') from origin 'https://www.youtube.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221106&foc_id=IU8ha-NHmLjtUwU7dFiXUA&label=followon_view&ptype=no_rmkt&random=667019442&cv_attributed=0 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://geo.dailymotion.com/player/x9u8j.html?video=k68JwWItywNigGyuzgK&mute=true&scaleMode=fit&syndication=273920 Message: The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3f02a9469df6f81ddabd0df46dfd1b71.safeframe.googlesyndication.com
act.ds.kakao.com
ad.doubleclick.net
ad.setn.com
ade.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
ajax.googleapis.com
analytics.ad.daum.net
api.dable.io
api.popin.cc
api.unibots.in
apis.google.com
attach.setn.com
audiencedata.im-apps.net
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
certify.alexametrics.com
cm-exchange.toast.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csm.eu.criteo.net
d31qbv1cthcecs.cloudfront.net
dmp.im-apps.net
dmxleo.dailymotion.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.dailymotion.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900021.redintelligence.net
i.ytimg.com
idsync.admixer.co.kr
images.dable.io
imasdk.googleapis.com
in.treasuredata.com
inrecsys.popin.cc
jnn-pa.googleapis.com
l.logly.co.jp
log.popin.cc
nt.compass-fit.jp
oauth.setn.com
onead.onevision.com.tw
pagead2.googlesyndication.com
pebed.dm-event.net
pix.eu.criteo.net
pixel.gliacloud.com
pixel.mathtag.com
platform.twitter.com
player.gliacloud.com
proxy-010.dc3.dailymotion.com
pubads.g.doubleclick.net
r-log.dable.io
r.popin.cc
recommend.setn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rr2---sn-4g5edndy.googlevideo.com
rr2---sn-n02xgoxufvg3-2gbs.googlevideo.com
rr7---sn-n02xgoxufvg3-2gbz.googlevideo.com
rtb.nl.eu.criteo.com
s.update.mediamathtag.com
s.youtube.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
setana.setn.com
sp-api.dable.io
speedtest.dailymotion.com
star.sanlih.com.tw
star.setn.com
static.criteo.net
static.dable.io
static.doubleclick.net
static1.dmcdn.net
stats.g.doubleclick.net
sync.logly.co.jp
sync.search.spotxchange.com
syndication.twitter.com
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
tw.popin.cc
ubas.setn.com
use.fontawesome.com
vendorlist.dmcdn.net
www.dailymotion.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.setn.com
www.youtube.com
yt3.ggpht.com
certify.alexametrics.com
googleads.g.doubleclick.net
star.sanlih.com.tw
103.243.202.190
104.244.42.8
107.178.241.176
108.159.80.114
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.188
119.63.198.189
13.32.121.21
13.32.27.107
142.250.186.130
144.76.238.55
172.217.16.194
178.250.2.148
178.79.242.16
18.181.126.176
18.64.103.20
18.64.119.96
183.110.238.136
185.29.132.242
185.94.180.126
188.65.124.58
188.65.124.66
188.65.124.90
188.65.124.91
188.65.126.245
2.18.233.201
2001:4860:4802:34::36
211.249.220.158
216.58.212.166
23.205.242.120
2600:1901:0:e207::
2600:9000:2057:3800:1a:7b30:2140:93a1
2600:9000:206f:fe00:1d:27df:6a00:93a1
2600:9000:2251:7e00:6:df3a:c980:93a1
2600:9000:225a:b600:1e:a43d:b640:93a1
2600:9000:2315:1200:c:e0d9:2a00:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:59:254c:406:2366:268c
2606:4700:3038::6815:eb5a
2606:4700::6810:5614
2606:4700:e2::ac40:840f
2a00:1450:4001:25::7
2a00:1450:4001:800::2002
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:810::2016
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::71
2a00:1450:400c:c07::9a
2a00:1450:4028:801::2003
2a01:28:cb6:3::d
2a01:28:cb6:4::12
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::21
2a02:2638::c
2a02:26f0:3500:c::5c7b:6834
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f21c:81e5:face:b00c:0:4420
2a06:98c1:3123::
3.131.225.240
3.34.29.73
34.251.154.165
35.227.207.122
37.157.4.41
37.157.5.73
43.200.153.114
45.79.126.27
52.78.160.161
54.162.52.82
54.64.101.191
65.9.66.120
88.99.219.174
00ca25b6b052861666220275725c4d98e96c34819a2f081761892357f9e24284
01fdceb9c31d9dc6f0f54c522f78cd14793dc6d5c25dfc9012bd5277180b7833
02ae1c1bb6f0c680d2fcdbafa06bd4d35dcfd1d39609d60e9a31bbcc5d40589e
035a8ef68019f57ee6606334a3c4d6f7d5ba3ac8082c39d02fa9b2612d3fbbad
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514
03b45e882f5762c1f94a167f2a6d5164c6f7da70f774b09d336083158c293575
04794fe635a21ea7666afce51e7d9ea566bd79e9a8d9f5862d3cf440bef1eb34
062423ece8ef0a046c96ed541fb8d46b0b53ec1dfa8e2b8f19ca50944ea25c75
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
0945b312323f62567440d264b80f31c9135e6ac3812faa63a17835424a00f8d7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b01593a09b647524a0971192bbf8a7ad4164c490b286ad1a9bf033da2c3508
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0a47eba01af09bce7436c8a492c5157b0e414ce6418da64aca588eb64e4156d9
0b216ee87a644caf3104f2b7bcdfa4f1c983a2eaca2fc735b70a8d9e9fbe59f8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9725d592211cafba44740c9c2571a1c1a1cc77636001c31b34c4f9396b990f
0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb
0cb81fa74ef83534bd8bd180064d98d45e4c906f26048da854fece3708613b3a
0d013d114dbc16f0cba554581c553d999367a739d6a60bf0c3c4a7463eb923da
0d14b8e10cd57b277f42d921ea10b3cc0f271ebb430ab03e6585751530834576
0e63b389b39a6ad92fa2ad6b5a5a29bda0ca175b2e9942ded49973b8cbd35db7
0f78fe76350f763d3ba780e0e1bd25414ed8d55276a5c419c22d10ba750dac7d
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d
1148c667f57d1456ee9121f7d7da0719059918517a41c9dfcd1d45f917358461
11f18b23897d17af52bd234d18155abf2e7248c99f37f90519a2dd3a51a928e1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
16353e03e9d2f0c3ed006e490c0344289c422fe6fa8e5f64d26498a3a1930646
16f8c930cda82b6e19b5049862a1c8d7f8d0fbd69ed5dc7c0d7959fc978bf242
17c9d5ca43ed7fc8999db7dbc5ed6ff3f8169a9e98ede0f1d3bd3024273a4c85
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1b130abb9f803a330d2995975d403ed0b6ec0bce34f4028bf4ba61c1ca269a1a
1b4efcc41937759c5509e7e055b4fda820932b4ca0ba09586d0532dc71dc33e1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1da28d218a9234d1c2cc6c0459e7031f21d0679e66ce8aab5b7a742674104768
1f3010b710717b7871653cbf6fff75da672e93c3a108db0726c25f66557e18f4
2203ed6fcf532e8035b03fb2bd0f913eac59636dd1fcd3495829b7d9653a4286
23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00
24bcae780e492301c67f404efad970477afd44ab5705a797b282e093e76ebae7
258b953335bbbe69b9cae78300ce2221496cd98fb6ecb624752557a3704bd406
2679a5543d689ad417b6658cf46ad70d940762842a90435d3543ebe79c7c1a48
26c696c87b69f3effc2cb60cb5985ede563a03c7fa5cd8b526a1baec84faa413
29312e777fc4b6c653c6934c9c2092a8ef284e00fc520e19de40258a057e755c
2a03fb4b5919e5b637568d74b2ae96d11a22a0ccaa32ece91c1337f269677099
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d
2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d
2da1554426327c299fc13c5dcbd205694cf50a09d990a897dd5c3bbd93d86d65
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fb2848b49479ff8bfab46cbdfdd0b8d929c295fa5ad20270a668a133d3f27a2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329c909d41d7ceb47b6543bc2681f578af80d6e0f659b0addafa8937c54c153e
3376e1d187b260cfd89722ad517a2c9a8f04495b31579fb65049915f51b516d0
34a0c92cbb0fb2ad74eb94341cd7e6087c4992080ab30bceb6affeacfb5218f3
366a810ba441442ffcbd5433a3c68c35249fbb5f816291bcc9ba476188b33921
382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f
387b67877bd1b21e329b26463c44f99db190cb6f15a1b4b8004a6c27d999a410
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3ab4883f3623d0ce25db88d1901ba4d1983219d862fd67055001e1f0163c1510
3ae7cc1bf020be24b4250cf3f16036e2f25a41c6ab183385f396d2f0cc657d91
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
3cf7b16b49bcc0b942a9ffda4b28d1193fc68d6617612707faeb9d4ecf336df5
3d6f9a4f21d4766ec09fd436828354def461beed433f4d8fa16e31cde63f5a49
3d985f2dd9e4201c2a08a79ca20b0d755278d5fe14a0f83ada46493e749af6ef
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e32977b883b9c5aa954dbdd52b9d7876885b58fb68f427ea57235e413db796b
3ef22eac12cbbff104e247617db0aea70ec73b94bad362f55b838c07cd5d1dac
400e543fbdc7c7db272817488c9f25c4252835f6f95b84c68f9f7fbd76eaa619
406b06c70302d6e49a9840e6ac273d35a2789bed16f6d5cf1f88e3f5266587ee
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
408b4ed9241e6ee8881099b166dd8fa76419d6f5e7d2cc55b20c46d611866aae
4096bcc51c1225f67cb49a8d2a3c07ce81f6fbf735f527893fad713f15faf8dd
42d9fdc0ae8fcda3e7f8d3d962d9c3614448bbbe6096c8f19f6ebfbdef3b2a3b
4316741edab180807083eaafab69a7b53ddbe5bc14d637e3c410ab0573a78178
43fc41d5dd362a469882f2ec293f9064ff6200b77edfc4a8de8ddee3db6994d3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4691d63477ec4c86e69cce0a1d1c067ad1de02e00643134f38cbd7cf45726041
47ffafea10f5f7cb83e65585a2c50bcf02aff38fbcfa5ebb8202d2001cf2f850
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a34057c8093dabed3b2b8939de29d752b473cdff22c316ee5a0df0159e71257
4a53dce780d977edd817fc96e34c6013295f312fadff0bb328e3ebf68e1189ad
4cf54a6eb9676ef17b3890208b3af8b336f8c8c2b8efe0d820b2baf274f7bd65
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509dc4a9ec513367cd98265b2966836fc5fc91c1042bc08935e5345b81fc627f
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5298d6aa96d4c31e65e9198beb08bc3de1b5b885f22ece667f35c05ea42e2424
532a8e65348794f09d3decd5b7aae67a0acdea25b0ad787c604edc4d02f29709
54bbb392350ab5b5cffe9bd202bc37518ffb19ab7ad60e7a8f0c885d02afca6a
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
5624b069293225dbcb8e489da394f89dda55ccbb2b3c00b5a5a26cc8ae7b3724
564a6115ffed74668c64b239fd6c34397c98895a9161680a7c8b82eaa12efa03
5684419a67d14ab2c790827fc3d6a761f430585597f31bd3bbcb4b5d34130dab
57549ec703978f56ade3a8f4892ab24cdd4c9e65ae886de5e70e3551fb2e1051
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9ad4cac06401d8e1ecf2f6b89e8e23eddcf165ae21f01f9157468619dc27e6
5c542d1db2a3484621f08d1e051b8208e59c02d027ac89ea8177992212086c97
5c6c6d1ac762ea323fbf8df434598c58ab8bebcadf8dd43d67100d109d3f50f1
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fd52c862b8e1d4414e19fd079b0fa8fb96e96e219c8b58533e75f631317f6b2
63c63750f6bafa136e5cb4de9a9191552cff5ad5d766ff8ee835387fa5a98446
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
6417540f542003ef58a3e2d90ca762c9e4a7e403b75d6e5cb2f6e1643d857048
64d9ea5c8f7241f5442f2c74b061b44a4d74c8fac3a53e8521b52d57f9be03a0
64f25b1d8fe84f944df73cedb9825e06ae53e2bb9f662dc67ea405393f0c2d68
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65efdc7a64ca5bcc8cb0369e47a24116557b9c5513e2ce558f7780fd5b092f5a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67eff95953a83f57a424313f80bbe3e5d4f7f751f0e7ec7e733e7f8ffa31a554
681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064
68ecd348cff7fa1c9525c8a3e6b2d288061ad0ba4f48be3fe7357b1712753dee
68f29ea116dfce2edab31f919c4aee8e884315852edabf3d894b54b4ba0cc4a2
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a943eced0b26bc9046a54239e563b32d665bac9ccf8e462d52b3d9b178f16bf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afa897c54f8dc8efa1ffc396703bf56befe963a4102a4ab88842ccd19b3db34
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb
6e1ab444bf337a36629ce37b42c8eb707a6009b07e9fbb789f3b3d2288670215
6e9eda5dc74a1c770c667f5ae3110bb5ac7158fd79f277676f66b9e44385f353
6eb6e3d4b6c172af3b588339d326eae602d109c508198e804e0645f699cf6b98
701dd48c67a7d58eb2fb2751ee7d3e72e35b2b4a0600dc7eebaf4e413e2439fc
7059cf37c91a6e02f19b47e7ba386fc320a01931bd608c51d728d95a17f5f163
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
70e4adc85bd25966a1d21d019e8e9f7a66109b1d4d8faa6c8caa131b71ef6b33
71372e3deea1a02abbfea90837ba538bccef8be7f70de68d06ab238ee9223b57
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7665ee3bb9b92902883817816f37f8ae075cd0915479d94561599d9b11f2d707
76964aba4a6d7298bf312002ceca2e7a6cdaeed9371263d4260bf0390ebca800
78a435cf87f4fa36f000faadb6da2a3685b5bcad0955f51806a548779e09a676
790efbfcb8ef5b26f1eb56e9308b3270e6048e7117af62d4dcf1504be64311bb
79ee2b95817d9e8f81038fa64d80387ede9018841a5fe48422908c988cc58ac1
7b31098d427d2cbbc2ba39d526c6566a3bb0a0c88820b787787d6c419b9f8e54
7b3eaec5f195b43d0a5f36960e60adde228d0b0150f359353fdbc31f45363ad4
7b6aa605cde335732104ab43de259be810a0e6ca141f0f5da2bfae03cae03ea0
7b7d7f9015fcb6dd5066c5065a970e8d3d467756475eb193d7e5647f5ea7cdd0
7c47bf24d842f42552e6fa09fc5206bb5014680b92b11f57d7d4e2e1fe85df8d
7c74ff68c718ab5620c7ddf97bbed63e90938647ea09ccebba43a3e97f22a18c
7cc106e0958864cf8e0bb84b422b6cabc9fd7dc49a9c850bf3d5113506bcfd2f
7d4d049153a4ed271dbe3417882ab5730308f8feb78496fae5f48f7267b7de74
7f6c02abdfc91241a2d141f9ea82c1266a94e382ae3fa942805867f66c8720db
7f7c32ec00c404a060c4ef6492977f9baf64aad6e2c2ebcc439aec8f7099090a
8160d33da742994ee63e5d165cf3605bc8b8ec15f2054c2e0d8f2aef0f5f2de8
81e673642cdd59c8f0d1db22e6d9972e9fa6fad913c838682e834caaa167775d
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82e5b0339f1b05e6733445e1a1cb2a9479b987ee0f26076d8bbf201d1d9ad01d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
84fa0b2209fb34cf5b399e83a2aad222aca5706c6f02cfd88ca6e79e5e487f8a
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85bb911b612374a910a2dae700bf8507c8bfa7db0d2d3828c6a053de027abde8
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
865a88958ead6a317ef0e0661a8712b65d3276a8d1eb90e8eff40e71865aca22
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67
87755f241d10ae4ef67d080f39e282796b5cc86a9685396e66975977ea695cec
893f8d38e60607f41ebcf4feda1eebc53cad9eff78778925c78c1653ee755139
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8ae29ef2af637bea2fcb58732d4e2646bdee325bbbaa8f20bb36b9b98522e4a8
8b4d2c289fa7f9dbb281f71737ef39faffe1c21eb39d737052e9eff849452b6e
8bea0dc65e14260263724a81e33f2dfbe8329669b2cb299dff403a7e52add016
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c0a44794ae15b9d01f889c0284fe6adae0d3252a95d67b5216d787bb503cc86
8c64b0ec0a7209c802842f9921013ec87376747e5a95150b9a111653295d2f11
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8dc171e8db8becf9c8470090f60fdd6505e01429a47f54c144d03297f7d531f3
8df3eed16af13a1c0a7c76240a20329f23ddd2efe0109fed0d6a08c68d68f4a0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9051b3f8f11b99260dad8ab0fa02f0f4ae2d7db53fefb5fc76764192f4c82eb8
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
925b14e459bf823ab902345915a7a9d44aa56817f46b2bf2a61a20f9246b7bb1
935a3cb18e203a4a3358b10e2e58ce6ddba8c68602eb5b7ecc30ce24f877b366
958f3b968255285c5047e47b2b7da8dcec0d61c2606496e900a2a9c73ebba714
963ec2c069e966a55e8d747c37c26b1827b3d0d90d924970449549fed156b34b
9771aaa71702026448bf632a150d07ef2eaf17c537fe8763ad854f13abe1706c
99db7c45413b65d885b0ed8ee9b5adcb77066510eeb758cf53c6fdd1f07c0eda
99db8acc14f8b55c52b511b5109abd6eb1078a30d1e36a6ee171dc03d8a454a4
9aa8beda20bfad4c81e6a927e921a5ea9cc99e5a9980b0a9d35a2b31c181cbb0
9b479a3d07de2ad89bc0bee8b3660b6bd352e4c9738385aa4d712a7e66dfb5ad
9bb7d289ee069435c87b7952e8e218726d934e5d2d2fd55b66ad5a317c87dfb4
9bfc9ee4b4c849581327cffaa3b10a499181933e5cd11fc3eee2696d74d9e23d
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9cb23ffd20e676abfd95731e63a42cb86a8d38ffc2c7aea257a89e864ff0fb63
9d36f365bf5bbc704d3599feb0f4183bfc02ad2682a1aee8d9d84d1117db3cd2
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e49999e407e8d227c0b6e5cd23c0f0ff59c27b1f44319b28f90723fe681ff5a
9eeae2f294ccddab4a568911b9962c87e5ae20c3b46f3710c9e78385f781a109
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3
9fa0f4513eaf62288b7843b7cff59bd539d068488a802e3a3903d041038d7940
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2229c24af2943e070824e62ee4797532359978c36e319affb023727ef261886
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a49519b0a8becc8e9660230a0e1fc36c2d6996ecd9d31677b17275b1b9f86981
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50578392f995e6f517d4fdeab17b0179363f31e0931d013461b346f29787249
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7bdadbdbc5d982af1dfbc9c02b8b0cdacaa166b325ad0d8d7589a985516dc03
a900f50ba729ab09efed100802ecbc571311427c9a9dd1552661614ad9ad9888
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa57778bd7d7db9432b192b1cdb9f08e34d01846b15f84e75d017792db4f12fd
abb9f0bdb272c37a41208df76c446a35ba557f867c21b8cee269bc998f40c9c3
accc03e429ddb0f993efcdf689adefff20bbd78701c2631f3da650a336b221a4
ae12aca37d0fe439ac829289f9ac0f67bad39144096d71ad9557ebaecbc29041
ae641f34aad32873e6434367397ecfe974931933068de97542a56fa2eaf44c76
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee34d055ee5c2d7065887c8e64448ccc3526b9f0d9ee9f5cc67c91faabc6e63
af2ee81b605fb1101c66d6897f1fdb859946c030e84f264814cee01f7a1910c0
b06fc6631868407530d7e4bd9eb906da343a3e5b6e13ae77781ce78fbcc4be57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17de2bb097917f12756ebb689a9cdcdf47a46ca5df26ea2b27b6620452ea6a7
b2507cdc8624ac0f6aa8365b2b8e502034238ded3eb688347eef4b08024cd297
b2acebc85d9188ee80d3c9b04d3b5cda759566c88f2ca252b3cf4ba87e729d63
b3893e9aa5bce8611f5968e7b53a247f0314154a3e6ab6096669f08a61a0b20c
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4c52d065f54f30b3944ed6d83d97e3eec06f305c9ecaab134ff7ee6170077c8
b4da9a86b4b014e7589433619649f9c59df2ec599702f3183cdc30013ddb7497
b661e0d58fe82cc548b37e6c1413c0df62c46e0d32d84191f1dfe67acc4e6890
b84c84c465e0f531708b0947b39a936ab40e5b41cc2f1b5199b2220c5e06c245
b92560850edbb4f572032502694d83349c15bfca7e0887aa30b7f3f313a841b5
b96b75b78070db0e0e4f191160a255b674ec19773081599d0204580a47477609
b99292a9cdc6f5de6f8b929630b4b771625f07dd5df7728734983765cbb0caa1
bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bd62d7815589b49ecc6b7eaa3ad46cd85afa6694162005517c6b25c255af8bb6
bdb688e68d6d2d262aff549485e3e4d7ee0bec2d9d9e767a39e4105d8c4afcd4
bdddf2b353b67971f4c2395b6bf19e8b919b8ea16fd72ec30d4e173233893c11
be19ae37d7a6f4f4c1d1c7f56d9e4cd025012443430f20fd7dd5c6b9fe2d9a92
be3f949e506176f3b945667f012540a75bd591b53ead908bcda0781835f7b022
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf1a2b466ff48453cfda266a98033b049ac7a18db810f797c4b209f94e459e7b
bf32c22443eb80f8929595fe7ed9cb4ee17cfadf906b15b1036d152a6600a7dd
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
bf7c9e77da4ab1b55289de5b7aa63ef93965861db10c57bbe366162fe1ff77ba
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c003e3a7f837e632de8240a229decb256484f990d909f3d0f80f3f146a5b1d3b
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c44e756923af119c6bf2c38c4f57b190d5ad3fb8692a3a01d1a353a2d491ab8f
c46d01e3b8219a7168f1613b4080cebb853d3255867c810f27d65b7007d29889
c487489a1eb7708de8884b07b2137b932f45ff48fac207b06e19c6907ba630bf
c619e5d2a2c0091908f0bbd90efdf8cfcfd3383705c18dca8d50454446589d93
c74a71803fa7a6543d5ba449b6b2bc2c127f5359f2135ba6e2716134be7324fd
c7ac711772c9ce24a45ee87b6f3a920a6b150dc7c5cbef8b5492d1b7b869d8f3
c7d4f0248c14d5a5b76480239a78a841b2f25044c37e78e55ed78cbd746dca64
c9309ac6fb71d95263e9a4f5399611f2bce2de789491cb668cf93f6df89d6d9e
ca33434aee7a3d5d2e4a269eb32ab6e1b5ce8fd727a20be25f725ea9afc1e0b6
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1
cb85a11a465d2b14325771eff9c3f3408de2ff334fec69a5c863bb9a557530df
cba59ba38105976d6e016b056d87565a3fde5ec976726d50ea9ac3bbadfecee4
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
ce42f96cb9bf968a920997e89a8df8ca6830d07542a069228600c6f768c19405
cef713f5a115bb5ee9a8b4234f7fa85a707406dcba91781dfecb5ae878584be5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8ccff1d7cb44e1cb7407e0c6feb6718a976c86d2246b9de610fc9ef486978
d0054b6ec34a3672b42e9b053aa98c465e09bbbd012bb240d18d46a2107868d3
d02f0eac80179ced49946852170823b5bbdf962effc707f12b1a42ef10618c1d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0fbe6623e329db4cee1966e594d8d3a99376956b933f1f47ff603ea6fe1ea83
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1dcf92b49d1bbea61c41a3ef2a84cc306018cbeab370adcc1f533f582efc705
d45a2ee52ae1b49e484d982f6559583526cb4ae277f0bc320d32028dbdd85140
d461cbc1b4996af6b92871a26194df7ed4c170a0386ed287a150d681b9007e42
d48f7ae16d6fe330590cd19e5b81ec1ba0696a0eccb1f569348776ca092f268a
d682bde21f3c0de169b625d3c64fab74e342c2a62c8838eabc43896facdb8938
d7017dd9b1587c1b4cd4e4d65b76f34c5831a5408e62b7171d6f8dc63237f4b9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d825ca238a05262a76be777cbfb43207caba6ee2fe9444f01af19f3c9be833b6
d83c17e3f17c3320040e26b41d0f8217afda08f957d4a54d63dd7563f4e33e34
d86c8d510fc7334badac90c7e5413bac08c068cb403e85f49e299c13895fe113
d876e13e1aba02c05619198cef978e67140b92607836e2f93937e3cabbd42d77
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d89cf7d2f9f6b01a67583497b14bd26f4715093a8da2f0d6cf45d59ebd189a9e
d934757fdc209e95c6535c475c6c74c89c105e7187d093bb436e2d919119734e
d9e024a450a3a5e409bf59da97b53bed49ccf1b669bf84f3cc74d12073ea9a8b
da9d76b9ac85c4c82d35392dfb854c4b2ee6235dc98097afb6bf7f0d23572cd5
db2442f1518fb962a7444adbd39296f84092fffb1e91447971a750720cd0857e
db2bf97ae5e4b1ad85644f41bc9e515b6b742bd413b8dccc1291050026225b8a
dcb79b9a04a8308601c932a08fc133afdf2d4f8ff9a35c6c94ce2750938de8d1
de83174e0ab93accde6e4dc8cf6880efe380384755f603a42c9a368094c9fddb
dea2ff2105a4352af7208f2c8cf2e6adccfce0f3ca955482e2b7ab45d36c2188
df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190
dfe02b36097b5d7d98b5db99f4efd4baeb9aeb9761419213a6808d4f7c742d5d
e0d777eb199b730bb5d49e86661a3fac4c56e3f69cde1231b2cd1d8ea3b03de6
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1262ad3120ef8c2b626be0e70d0f1501ac6338e13634874e69afb698e937fa7
e26b96109b2963b95e44d197c3fdfa0a1ffebd26928e91323ee85e34a179c733
e2d073fec2f5be90e60578570fac7de6364dc9f831d35abcac1b740088389d23
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050
e50a4006b43083477edf914b5314853cec6a152eb134313d8d1942ba661104b1
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e6f4f1f85dc79f55df0772f003fb9b2bacc470b7239a46eee7d29e2837bc5711
e804fc1f825696a3e8c33c5118ae6c0310d5c22efb95c464d8c8b18f1167ae82
e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae
eba4d3bf5611b8992dfdf23d77f65828dc011ec05f4b9816431cff06c0b979e0
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee15ed38381795603e305695c1790aad5720f432095c54b7ddd66b416916316
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1236964460718b16aa3ff2ba1edf25c8ec519e956fcd80bb2ef8fd33d313dea
f14132b6c9d44f7b8e40d6e0b740b5a765bbdf0b5dcffc32760d035dbdf0d104
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f34b367b5731ec766e201da733463aef658056ce540a19c8c1aa93d6d94b5ffa
f3bcedac036a73da7e08fac585a9a382ae54bdc9272c4afa7cbde70c75098475
f488db8e4f7d5bda392a599548088ca9fad45dcc045f20c3e805e3aecdcb0642
f56e00fb627e19fb1be4d7cb356dea6e91fe6988d2f1c4ed0f7d6cc57c43c666
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5cc0d1f19367797bd6aad2d5e9786131373962ab4056e6b041f2f98324b0af7
f61350c8888a7d8365fad31a72f8e316db6237789edad198a258176675f400ea
f74a32e5a4f6d1cae28c38950b2295074af158c8c1d30af26cd94151cf62ce15
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fb16012742455b5e0fac64e502681e5df685d281134735b9bf1876feb1787fdd
fb6bb1fe9b79b6476a927e84153a32945111de5affaedc496c0c4520967b81d3
fc523f48d928b83459346ab54bb64e9bb99023d3e53055b3287151f65fc33670
fc60173098c569a574fdd9c5c790150d95333878f2e1f518c0f750f5d85834e6
fc996ca5fe5850dce6f4968296018aba0d6babac30c90f36a671e03c87f0d45e
fd74c05c0fcc29f728908b6c030cfc56d27dd67a1dec464e45da276ab6b58f5e
fe9f0570e6ea6a6e5c70f2e83fd46883a62e5fdd1ffce04471bedf0dbd23166e
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5
ff94105619d51a3a6c46603924e4f9f3af2dd42584789e25e2bcfffeb9f12c61

star.setn.com Open in urlscan Pro 2600:9000:206f:fe00:1d:27df:6a00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

737 Requests

99 %HTTPS

54 %IPv6

51 Domains

103 Subdomains

96 IPs

12 Countries

13937 kBTransfer

31499 kBSize

53 Cookies

43 Outgoing links

Redirected requests

737 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

star.setn.com Open in urlscan Pro
2600:9000:206f:fe00:1d:27df:6a00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

737
Requests

99 %
HTTPS

54 %
IPv6

51
Domains

103
Subdomains

96
IPs

12
Countries

13937 kB
Transfer

31499 kB
Size

53
Cookies

737 HTTP transactions
18 data transactions