urlscan.io logo urlscan.io
SecurityTrails logo

www.staradvertiser.com Open in urlscan Pro
34.68.132.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Submission: On December 26 via api from SK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 8 countries across 105 domains to perform 714 HTTP transactions. The main IP is 34.68.132.100, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.staradvertiser.com. The Cisco Umbrella rank of the primary domain is 108123.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2022. Valid for: a year.
This is the only time www.staradvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.68.132.100 396982 (GOOGLE-CL...)
11 2600:9000:211... 16509 (AMAZON-02)
66 141.193.213.11 209242 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
1 2.18.37.49 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
4 3.94.188.247 14618 (AMAZON-AES)
2 2a04:4e42::282 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
2 52.217.130.90 16509 (AMAZON-02)
13 34.96.77.232 396982 (GOOGLE-CL...)
1 2606:2800:233... 15133 (EDGECAST)
1 52.217.12.236 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
4 92.123.36.4 16625 (AKAMAI-AS)
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2.18.68.199 16625 (AKAMAI-AS)
3 13.32.28.197 16509 (AMAZON-02)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
13 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 143.204.215.51 16509 (AMAZON-02)
61 151.101.1.44 54113 (FASTLY)
2 108.139.243.74 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
7 52.55.6.121 14618 (AMAZON-AES)
1 2 107.178.250.234 15169 (GOOGLE)
1 18.66.15.49 16509 (AMAZON-02)
1 18.66.122.74 16509 (AMAZON-02)
1 2 34.204.208.160 14618 (AMAZON-AES)
1 99.86.4.40 16509 (AMAZON-02)
1 2a04:4e42::714 54113 (FASTLY)
4 52.208.114.227 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
1 52.160.40.218 8075 (MICROSOFT...)
1 104.75.89.75 16625 (AKAMAI-AS)
3 2600:9000:206... 16509 (AMAZON-02)
3 54.166.121.131 14618 (AMAZON-AES)
5 2600:9000:206... 16509 (AMAZON-02)
1 52.72.183.186 14618 (AMAZON-AES)
1 52.88.111.28 16509 (AMAZON-02)
12 13 172.217.18.6 15169 (GOOGLE)
1 2.18.69.74 16625 (AKAMAI-AS)
1 143.204.215.96 16509 (AMAZON-02)
32 2a00:1450:400... 15169 (GOOGLE)
2 54.234.151.247 14618 (AMAZON-AES)
2 23.20.158.212 14618 (AMAZON-AES)
2 35.244.184.131 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:402... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
2 34.224.131.223 14618 (AMAZON-AES)
2 2 138.199.36.7 60068 (CDN77 ^_^)
2 6 2a04:4e42::485 54113 (FASTLY)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 99.86.4.77 16509 (AMAZON-02)
1 18.213.217.104 14618 (AMAZON-AES)
1 34.218.13.139 16509 (AMAZON-02)
1 54.195.159.200 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
13 34.201.233.242 14618 (AMAZON-AES)
1 3.229.55.30 14618 (AMAZON-AES)
2 2600:9000:211... 16509 (AMAZON-02)
2 65.9.66.74 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.65.173.232 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 23.203.125.36 16625 (AKAMAI-AS)
2 54.78.253.158 16509 (AMAZON-02)
12 141.226.228.48 200478 (TABOOLA-AS)
4 40.76.174.66 8075 (MICROSOFT...)
4 34.252.110.251 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
2 99.86.240.25 16509 (AMAZON-02)
1 143.204.215.41 16509 (AMAZON-02)
2 13.32.27.70 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
4 28 172.217.20.2 15169 (GOOGLE)
4 4 185.64.190.80 62713 (AS-PUBMATIC)
6 3.33.220.150 16509 (AMAZON-02)
2 2 37.252.171.22 29990 (ASN-APPNEX)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
19 2a02:2638::3 44788 (ASN-CRITE...)
1 18.66.97.88 16509 (AMAZON-02)
30 2a00:1450:400... 15169 (GOOGLE)
21 20.60.81.107 8075 (MICROSOFT...)
6 3.95.107.2 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
4 2a04:4e42:41:... 54113 (FASTLY)
3 2600:1901:0:7... 15169 (GOOGLE)
36 2606:4700:20:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
4 52.18.137.33 16509 (AMAZON-02)
1 172.255.62.201 36483 (GOSSAMERT...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2600:1901:0:8... 15169 (GOOGLE)
3 178.250.2.146 44788 (ASN-CRITE...)
2 162.19.138.116 16276 (OVH)
2 54.73.211.146 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
2 2 34.252.50.213 16509 (AMAZON-02)
4 4 13.248.245.213 16509 (AMAZON-02)
1 1 23.203.124.21 16625 (AKAMAI-AS)
2 2620:116:800d... 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
7 7 3.124.135.253 16509 (AMAZON-02)
2 2 54.229.65.185 16509 (AMAZON-02)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 104.18.33.19 13335 (CLOUDFLAR...)
1 1 2600:9000:211... 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.126 35220 (SPOTX-AMS)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 34.120.58.62 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
12 12 84.200.5.215 44066 (DE-FIRSTC...)
6 46.4.41.145 24940 (HETZNER-AS)
3 3 23.2.214.113 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 35.186.253.211 15169 (GOOGLE)
1 1 51.89.9.253 16276 (OVH)
1 1 18.156.0.31 16509 (AMAZON-02)
2 178.250.0.160 44788 (ASN-CRITE...)
10 2a02:2638:1::8 44788 (ASN-CRITE...)
4 2a02:2638:1::17 44788 (ASN-CRITE...)
4 2600:9000:211... 16509 (AMAZON-02)
1 216.52.2.48 32475 (SINGLEHOP...)
1 35.157.246.167 16509 (AMAZON-02)
1 69.166.1.15 27630 (AS-XFERNET)
3 37.252.173.215 29990 (ASN-APPNEX)
1 172.64.154.237 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 172.64.151.162 13335 (CLOUDFLAR...)
714 139
4    34.68.132.100 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 100.132.68.34.bc.googleusercontent.com
www.staradvertiser.com
11    2600:9000:211a:5a00:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
66    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
staradvertiser.wpenginepowered.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
6    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2057:3400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:214f:e200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    2.18.37.49 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-49.deploy.static.akamaitechnologies.com
s.ntv.io
7    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
www.google-analytics.com
4    3.94.188.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-188-247.compute-1.amazonaws.com
powerad.ai
2    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
cdn.polyfill.io
7    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    52.217.130.90 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com
sa-media.s3.us-east-1.amazonaws.com
13    34.96.77.232 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
1    52.217.12.236 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sa-media.s3.amazonaws.com
8    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
11    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
1    2.18.68.199 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
13    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:206f:7200:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    143.204.215.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-51.fra53.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
61    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
2    108.139.243.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-74.mxp63.r.cloudfront.net
sb.scorecardresearch.com
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    52.55.6.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-6-121.compute-1.amazonaws.com
travel.payvibe.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    18.66.15.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-49.vie50.r.cloudfront.net
ecdn.analysis.fi
1    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
ecdn.firstimpression.io
2    34.204.208.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-208-160.compute-1.amazonaws.com
trkn.us
1    99.86.4.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-40.fra6.r.cloudfront.net
ats.rlcdn.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    52.208.114.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-114-227.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
19    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
1    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
at.teads.tv
3    2600:9000:206e:8400:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
3    54.166.121.131 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-121-131.compute-1.amazonaws.com
geoip.instiengage.com
cms.instiengage.com
5    2600:9000:206e:4200:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
product.instiengage.com
1    52.72.183.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-183-186.compute-1.amazonaws.com
ping.chartbeat.net
1    52.88.111.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-111-28.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
13    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
ad.doubleclick.net
1    2.18.69.74 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-74.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    143.204.215.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-96.fra53.r.cloudfront.net
geo.privacymanager.io
32    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
2    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
2    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
2    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
4    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    34.224.131.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-131-223.compute-1.amazonaws.com
www.i.matheranalytics.com
2    138.199.36.7 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-7.bunnyinfra.net
cdn.materialdesignicons.com
6    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2606:4700:3030::ac43:dfc1 (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
1    99.86.4.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-77.fra6.r.cloudfront.net
cdn.firstimpression.io
1    18.213.217.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-217-104.compute-1.amazonaws.com
pixel.zprk.io
1    34.218.13.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-13-139.us-west-2.compute.amazonaws.com
a.ad.gt
1    54.195.159.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-159-200.eu-west-1.compute.amazonaws.com
p.cpx.to
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
13    34.201.233.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-233-242.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    3.229.55.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-55-30.compute-1.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
2    2600:9000:211e:6c00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
2    65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net
get.s-onetag.com
6    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    18.65.173.232 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-173-232.nrt57.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com
t.teads.tv
2    54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
tag.escalated.io
12    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
4    40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
d.clarity.ms
4    34.252.110.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-110-251.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
1    2a02:26f0:dc::6853:521 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
2    99.86.240.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-25.vie50.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-41.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.32.27.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net
signal-segments.s-onetag.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
28    172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f2.1e100.net
cm.g.doubleclick.net
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
19    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
30    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
21    20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
6    3.95.107.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-107-2.compute-1.amazonaws.com
api.payvibe.com
2    2a00:1450:400d:808::2010 (Ireland)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
4    2a04:4e42:41::720 (Vienna, Austria)

ASN54113 (FASTLY, US)
images.unsplash.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
36    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
11    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    52.18.137.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-137-33.eu-west-1.compute.amazonaws.com
protected-by.clarium.io
1    172.255.62.201 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS, CA)
tradehouse.advertserve.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    54.73.211.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    2a05:d018:d29:3605:9af0:2701:a426:d747 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    34.252.50.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-50-213.eu-west-1.compute.amazonaws.com
match.360yield.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    23.203.124.21 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-21.deploy.static.akamaitechnologies.com
cs.media.net
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
7    3.124.135.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-135-253.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.229.65.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2600:9000:211e:ba00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    2600:1f18:612b:4200:8aa9:ea43:9402:2506 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
12    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
6    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.o2online.de
partner.blau.de
3    23.2.214.113 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-214-113.deploy.static.akamaitechnologies.com
www.awin1.com
3    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
10    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
4    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    2600:9000:211e:5c00:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
1    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
Apex Domain
Subdomains		 Transfer
77 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 207
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 251
stats.g.doubleclick.net — Cisco Umbrella Rank: 156
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 278
559 KB
75 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 990
trc.taboola.com — Cisco Umbrella Rank: 810
trc-events.taboola.com — Cisco Umbrella Rank: 1304
vidstat.taboola.com — Cisco Umbrella Rank: 3039
am-trc-events.taboola.com — Cisco Umbrella Rank: 19256
images.taboola.com — Cisco Umbrella Rank: 1538
imprammp.taboola.com — Cisco Umbrella Rank: 11969
am-match.taboola.com — Cisco Umbrella Rank: 11841
am-vid-events.taboola.com — Cisco Umbrella Rank: 11609
sync-t1.taboola.com — Cisco Umbrella Rank: 1285
pips.taboola.com — Cisco Umbrella Rank: 1598
cds.taboola.com — Cisco Umbrella Rank: 1846
12 MB
66 wpenginepowered.com
staradvertiser.wpenginepowered.com — Cisco Umbrella Rank: 258170
980 KB
48 googlesyndication.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
327 KB
42 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 30006
ad4m.at — Cisco Umbrella Rank: 9355
assets.ad4m.at — Cisco Umbrella Rank: 40199
1 MB
33 criteo.net
static.criteo.net — Cisco Umbrella Rank: 736
pix.eu.criteo.net — Cisco Umbrella Rank: 6889
csm.eu.criteo.net — Cisco Umbrella Rank: 7088
369 KB
23 google.com
www.google.com — Cisco Umbrella Rank: 15
adservice.google.com — Cisco Umbrella Rank: 129
47 KB
21 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 42025
3 MB
17 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
519 KB
15 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 101974
snowplow.ownlocal.com — Cisco Umbrella Rank: 130693
188 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 433
mug.criteo.com — Cisco Umbrella Rank: 2069
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13581
ads.eu.criteo.com — Cisco Umbrella Rank: 6928
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8650
105 KB
13 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 32115
event.insticator.com — Cisco Umbrella Rank: 25969
1 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
808 KB
13 payvibe.com
travel.payvibe.com — Cisco Umbrella Rank: 446183
api.payvibe.com — Cisco Umbrella Rank: 388429
2 MB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
568 KB
12 instiengage.com
geoip.instiengage.com — Cisco Umbrella Rank: 34571
auth.instiengage.com — Cisco Umbrella Rank: 24852
product.instiengage.com — Cisco Umbrella Rank: 30330
static.instiengage.com — Cisco Umbrella Rank: 37707
cms.instiengage.com — Cisco Umbrella Rank: 46273
271 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 594
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 597
image2.pubmatic.com — Cisco Umbrella Rank: 1234
image6.pubmatic.com — Cisco Umbrella Rank: 941
image8.pubmatic.com — Cisco Umbrella Rank: 820
66 KB
11 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 14079
5 KB
10 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485
fonts.googleapis.com — Cisco Umbrella Rank: 111
storage.googleapis.com — Cisco Umbrella Rank: 529
93 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 324
76 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 375
3 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4572
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5551
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6576
signal-segments.s-onetag.com — Cisco Umbrella Rank: 9644
28 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 4227
adservice.google.de — Cisco Umbrella Rank: 6468
2 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1497
at.teads.tv — Cisco Umbrella Rank: 5007
t.teads.tv — Cisco Umbrella Rank: 2753
136 KB
6 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 75242
2 KB
6 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 77150
1 KB
6 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99595
static-de.ad4mat.net — Cisco Umbrella Rank: 152664
12 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 570
ib.adnxs.com — Cisco Umbrella Rank: 275
acdn.adnxs.com — Cisco Umbrella Rank: 756
23 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 441
2 KB
6 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1704
279 KB
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 490
582 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1432
d.clarity.ms — Cisco Umbrella Rank: 10850
21 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 87
39 KB
6 powerad.ai
powerad.ai — Cisco Umbrella Rank: 19372
reporting.powerad.ai — Cisco Umbrella Rank: 22274
52 KB
6 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1388
137 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 575
ups.analytics.yahoo.com — Cisco Umbrella Rank: 368
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1428
3 KB
5 cpx.to
p.cpx.to — Cisco Umbrella Rank: 13201
s.cpx.to — Cisco Umbrella Rank: 3515
6 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 383
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 649
49 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 876
p.typekit.net — Cisco Umbrella Rank: 1068
38 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 752
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1054
s.tribalfusion.com — Cisco Umbrella Rank: 2371
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 461
2 KB
4 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1736
973 B
4 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 13380
245 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 18690
448 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1135
70 KB
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1362
2 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 14377
www.i.matheranalytics.com — Cisco Umbrella Rank: 13774
42 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 115
184 KB
4 amazonaws.com
sa-media.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 430404
sa-media.s3.amazonaws.com — Cisco Umbrella Rank: 417762
h99w9l39sa.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 39804
47 KB
4 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1876
cdn.polyfill.io — Cisco Umbrella Rank: 3500
1 KB
4 staradvertiser.com
www.staradvertiser.com — Cisco Umbrella Rank: 108123
41 KB
3 conrad.de
www.conrad.de — Cisco Umbrella Rank: 65384
1 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17099
2 KB
3 blau.de
partner.blau.de — Cisco Umbrella Rank: 120367
3 KB
3 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 90337
4 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
htlb.casalemedia.com — Cisco Umbrella Rank: 630
3 KB
3 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 132510
543 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1693
id.crwdcntrl.net — Cisco Umbrella Rank: 1794
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1179
10 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1338
id5-sync.com — Cisco Umbrella Rank: 510
18 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1821
mab.chartbeat.com — Cisco Umbrella Rank: 2817
25 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1110
66 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3397
365 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 711
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1074
r.turn.com — Cisco Umbrella Rank: 4129
869 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4750
890 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 924
927 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3064
787 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
203 B
2 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 32445
30 KB
2 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 31638
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
113 KB
2 brainlyads.com
hb.brainlyads.com — Cisco Umbrella Rank: 19438
191 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2399
api.rlcdn.com — Cisco Umbrella Rank: 1016
38 KB
2 trkn.us
trkn.us — Cisco Umbrella Rank: 2798
1 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 27305
cdn.firstimpression.io — Cisco Umbrella Rank: 27373
100 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 196
2 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 87221
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 59025
28 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 49591
p.cityspark.com — Cisco Umbrella Rank: 32543
16 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 855
2 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2890
1 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 835
533 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 956
338 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2302
351 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1107
761 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 83086
103 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1476
574 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 856
443 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1937
1 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12714
551 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 33731
607 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2692
255 B
1 advertserve.com
tradehouse.advertserve.com — Cisco Umbrella Rank: 108844
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3341
8 KB
1 azureedge.net
csp.azureedge.net — Cisco Umbrella Rank: 46691
61 KB
1 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4103
4 KB
1 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 22009
3 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2294
596 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1438
3 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1334
201 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 34863
2 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1273
44 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4062
149 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3814
45 KB
0 insiderdata360online.com Failed
insiderdata360online.com Failed
714 105
Domain Requested by
66 staradvertiser.wpenginepowered.com www.staradvertiser.com
staradvertiser.wpenginepowered.com
d3plfjw9uod7ab.cloudfront.net
32 securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
travel.payvibe.com
www.staradvertiser.com
securepubads.g.doubleclick.net
www.googletagservices.com
d3lcz8vpax4lo2.cloudfront.net
30 images.taboola.com www.staradvertiser.com
30 tpc.googlesyndication.com www.staradvertiser.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
28 cm.g.doubleclick.net 4 redirects f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
www.staradvertiser.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
27 cdn.taboola.com www.staradvertiser.com
cdn.taboola.com
21 citysparkstorage.blob.core.windows.net www.staradvertiser.com
19 static.criteo.net d3plfjw9uod7ab.cloudfront.net
ads.eu.criteo.com
19 www.google.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
travel.payvibe.com
www.google.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
tpc.googlesyndication.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
18 assets.ad4m.at as.ad4m.at
13 ad.doubleclick.net 12 redirects www.staradvertiser.com
13 www.googletagservices.com www.staradvertiser.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
www.googletagmanager.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
13 origami.secure.ownlocal.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
cdnjs.cloudflare.com
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
12 event.insticator.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
11 pagead2.googlesyndication.com f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
www.staradvertiser.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 analyticssystems.net www.staradvertiser.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
11 d3plfjw9uod7ab.cloudfront.net www.staradvertiser.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
10 pix.eu.criteo.net ads.eu.criteo.com
8 www.gstatic.com www.google.com
www.gstatic.com
8 cdnjs.cloudflare.com www.staradvertiser.com
origami.secure.ownlocal.com
cdn.cityspark.com
ads.eu.criteo.com
7 x.bidswitch.net 7 redirects
7 am-trc-events.taboola.com www.staradvertiser.com
7 travel.payvibe.com www.staradvertiser.com
travel.payvibe.com
7 fonts.googleapis.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
origami.secure.ownlocal.com
travel.payvibe.com
client
6 www.lead-alliance.net 6 redirects
6 www.telefonica-partner.de 6 redirects
6 api.payvibe.com travel.payvibe.com
6 match.adsrvr.org www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
imprammp.taboola.com
am-match.taboola.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
6 cdn.confiant-integrations.net d3lcz8vpax4lo2.cloudfront.net
cdn.confiant-integrations.net
www.googletagmanager.com
6 cdn.jsdelivr.net 2 redirects origami.secure.ownlocal.com
cdn.jsdelivr.net
6 www.google-analytics.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
www.googletagmanager.com
6 use.fontawesome.com www.staradvertiser.com
use.fontawesome.com
d3plfjw9uod7ab.cloudfront.net
5 fonts.gstatic.com www.google.com
fonts.googleapis.com
5 f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
4 static.instiengage.com www.staradvertiser.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 sync.search.spotxchange.com 4 redirects
4 eb2.3lift.com 4 redirects
4 gum.criteo.com 2 redirects d3plfjw9uod7ab.cloudfront.net
4 protected-by.clarium.io f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
4 images.unsplash.com www.staradvertiser.com
4 image2.pubmatic.com 4 redirects
4 adservice.google.com d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
4 adservice.google.de d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
4 s.cpx.to d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
4 d.clarity.ms d3plfjw9uod7ab.cloudfront.net
4 rsms.me origami.secure.ownlocal.com
rsms.me
4 unpkg.com origami.secure.ownlocal.com
4 auth.instiengage.com d3plfjw9uod7ab.cloudfront.net
auth.instiengage.com
d3lcz8vpax4lo2.cloudfront.net
4 jadserve.postrelease.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
4 www.googletagmanager.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
www.googleoptimize.com
4 a.teads.tv www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 powerad.ai www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 use.typekit.net www.staradvertiser.com
use.typekit.net
d3plfjw9uod7ab.cloudfront.net
4 www.staradvertiser.com d3plfjw9uod7ab.cloudfront.net
3 ib.adnxs.com d3plfjw9uod7ab.cloudfront.net
acdn.adnxs.com
3 www.conrad.de as.ad4m.at
3 www.awin1.com 3 redirects
3 partner.blau.de as.ad4m.at
3 partner.o2online.de as.ad4m.at
3 image8.pubmatic.com 2 redirects www.staradvertiser.com
3 static-de.ad4mat.net as.ad4m.at
3 pr-bh.ybp.yahoo.com 3 redirects
3 mug.criteo.com www.staradvertiser.com
3 prod-rtb.ad4mat.net www.staradvertiser.com
3 us-central1-kube-ownlocal.cloudfunctions.net www.staradvertiser.com
3 www.google.de www.staradvertiser.com
3 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
3 cdn.polyfill.io origami.secure.ownlocal.com
travel.payvibe.com
3 d3lcz8vpax4lo2.cloudfront.net d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
3 c.amazon-adsystem.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3 maxcdn.bootstrapcdn.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
2 rtb.fr.eu.criteo.com www.staradvertiser.com
2 c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 sync.1rx.io 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 ads.avct.cloud 2 redirects
2 s.tribalfusion.com f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
2 a.tribalfusion.com 2 redirects
2 cms.quantserve.com f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
2 match.360yield.com 2 redirects
2 id5-sync.com d3plfjw9uod7ab.cloudfront.net
2 storage.googleapis.com www.staradvertiser.com
2 secure.adnxs.com 2 redirects
2 www.facebook.com www.staradvertiser.com
2 signal-segments.s-onetag.com d3plfjw9uod7ab.cloudfront.net
2 onetag-geo.s-onetag.com d3plfjw9uod7ab.cloudfront.net
2 tag.escalated.io d3plfjw9uod7ab.cloudfront.net
2 trc.taboola.com d3plfjw9uod7ab.cloudfront.net
2 t.teads.tv www.staradvertiser.com
2 aax-dtb-cf.amazon-adsystem.com d3plfjw9uod7ab.cloudfront.net
2 get.s-onetag.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
2 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
2 cdn.materialdesignicons.com 2 redirects
2 www.i.matheranalytics.com www.staradvertiser.com
2 connect.facebook.net www.staradvertiser.com
connect.facebook.net
2 snowplow.ownlocal.com www.staradvertiser.com
2 hb.brainlyads.com www.staradvertiser.com
powerad.ai
2 reporting.powerad.ai d3plfjw9uod7ab.cloudfront.net
2 geoip.instiengage.com d3plfjw9uod7ab.cloudfront.net
product.instiengage.com
2 trkn.us 1 redirects www.staradvertiser.com
2 js.matheranalytics.com 1 redirects www.staradvertiser.com
2 www.clarity.ms www.staradvertiser.com
www.clarity.ms
2 sb.scorecardresearch.com www.staradvertiser.com
2 sa-media.s3.us-east-1.amazonaws.com www.staradvertiser.com
2 static.chartbeat.com www.staradvertiser.com
1 js-sec.indexww.com americanhometownmedia.com
1 acdn.adnxs.com americanhometownmedia.com
1 htlb.casalemedia.com d3plfjw9uod7ab.cloudfront.net
1 apex.go.sonobi.com d3plfjw9uod7ab.cloudfront.net
1 c2shb.ssp.yahoo.com d3plfjw9uod7ab.cloudfront.net
1 ap.lijit.com d3plfjw9uod7ab.cloudfront.net
1 cms.instiengage.com product.instiengage.com
1 product.instiengage.com d2na2p72vtqyok.cloudfront.net
1 ups.analytics.yahoo.com 1 redirects
1 onetag-sys.com 1 redirects
1 rtb.openx.net c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
1 p.rfihub.com 1 redirects
1 cds.taboola.com d3plfjw9uod7ab.cloudfront.net
1 americanhometownmedia.com www.googletagmanager.com
1 pips.taboola.com d3plfjw9uod7ab.cloudfront.net
1 am-vid-events.taboola.com www.staradvertiser.com
1 am-match.taboola.com d3plfjw9uod7ab.cloudfront.net
1 imprammp.taboola.com d3plfjw9uod7ab.cloudfront.net
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 r.turn.com f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 cs.media.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 bcp.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 api.rlcdn.com d3plfjw9uod7ab.cloudfront.net
1 id.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 lexicon.33across.com d3plfjw9uod7ab.cloudfront.net
1 tradehouse.advertserve.com www.staradvertiser.com
1 vidstat.taboola.com d3plfjw9uod7ab.cloudfront.net
1 tags.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 cdn.id5-sync.com d3plfjw9uod7ab.cloudfront.net
1 oa.openxcdn.net d3plfjw9uod7ab.cloudfront.net
1 signal-beacon.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 csp.azureedge.net d3plfjw9uod7ab.cloudfront.net
1 trc-events.taboola.com www.staradvertiser.com
1 hbopenbid.pubmatic.com d3plfjw9uod7ab.cloudfront.net
1 h99w9l39sa.execute-api.us-east-1.amazonaws.com d3plfjw9uod7ab.cloudfront.net
1 geoip.insticator.com d3plfjw9uod7ab.cloudfront.net
1 p.cpx.to d3plfjw9uod7ab.cloudfront.net
1 a.ad.gt d3plfjw9uod7ab.cloudfront.net
1 pixel.zprk.io d3plfjw9uod7ab.cloudfront.net
1 cdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
1 googleads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
1 geo.privacymanager.io d3plfjw9uod7ab.cloudfront.net
1 widgets.outbrain.com www.staradvertiser.com
1 aamcf.aamsitecertifier.com www.staradvertiser.com
1 ping.chartbeat.net www.staradvertiser.com
1 at.teads.tv d3plfjw9uod7ab.cloudfront.net
1 p.cityspark.com d3plfjw9uod7ab.cloudfront.net
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 ats.rlcdn.com d3plfjw9uod7ab.cloudfront.net
1 ecdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
1 ecdn.analysis.fi d3plfjw9uod7ab.cloudfront.net
1 d2na2p72vtqyok.cloudfront.net www.staradvertiser.com
1 aamcftag.aamsitecertifier.com www.staradvertiser.com
1 p.typekit.net use.typekit.net
1 ads.pubmatic.com www.staradvertiser.com
1 sa-media.s3.amazonaws.com www.staradvertiser.com
1 cdn.cityspark.com www.staradvertiser.com
1 polyfill.io www.staradvertiser.com
1 www.googleoptimize.com www.staradvertiser.com
1 s.ntv.io www.staradvertiser.com
1 content.jwplatform.com www.staradvertiser.com
1 ajax.googleapis.com www.staradvertiser.com
0 insiderdata360online.com Failed www.staradvertiser.com
714 180
Subject Issuer Validity Valid
*.staradvertiser.com
Go Daddy Secure Certificate Authority - G2		 2022-01-29 -
2023-03-02		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-18 -
2023-04-18		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
jwplayer.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
powerad.ai
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2022-12-25 -
2023-03-25		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-24 -
2023-09-24		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.analyticssystems.net
E1		 2022-11-28 -
2023-02-26		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.aamsitecertifier.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.payvibe.com
Amazon		 2022-10-12 -
2023-11-10		 a year crt.sh
analysis.fi
Amazon		 2022-11-03 -
2023-12-02		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2022-09-14 -
2023-10-12		 a year crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2022-11-23 -
2023-12-25		 a year crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-05 -
2023-01-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-12-14 -
2024-01-13		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2022-06-22 -
2023-07-21		 a year crt.sh
*.s-onetag.com
Amazon		 2022-12-04 -
2024-01-02		 a year crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2022-01-03 -
2023-02-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 02		 2022-11-17 -
2023-11-12		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
images.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-08 -
2023-07-10		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02		 2022-12-16 -
2024-01-14		 a year crt.sh
*.advertserve.com
Go Daddy Secure Certificate Authority - G2		 2022-03-03 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-05-12 -
2023-06-13		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh

This page contains 47 frames:

Primary Page: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Frame ID: 9B96392B361EB85CD7908246F3A6E949
Requests: 347 HTTP requests in this frame

Frame: https://travel.payvibe.com/affiliate/hotdealshawaii
Frame ID: DC76755B50E8F11123EA1DC6A9CED88A
Requests: 16 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: B6445949390C4D311FA503C0FBF224C8
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/prebid.js
Frame ID: BCE62F3F6C47CEF111BBEA1BC40B39CD
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 5CBB5EB97A86BC4F7A843CD7E66A2156
Requests: 1 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: 3C19AEAF62239E31318D3C27DAFA24CE
Requests: 18 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: 48666B4D4F095C7E1695CBE9FB1BF9E6
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Frame ID: 9B42196DCA5DF773FB3CCAF2A11CB280
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Frame ID: E727310CF1B6F77E594260A093ED7256
Requests: 7 HTTP requests in this frame

Frame: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 280A055FE94052AF4DC73621A1B7500C
Requests: 1 HTTP requests in this frame

Frame: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC427BC857FE3C2E9422CB0D0FE401B3
Requests: 13 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 198D8CAAF70E0A4F9DD46737563DAAC0
Requests: 11 HTTP requests in this frame

Frame: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C2EE4BA2EC3A263C823DF0848C7A93AF
Requests: 13 HTTP requests in this frame

Frame: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 276BAA8AE31ED87746BE1A22AA0BC73E
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1139F415D83935020DECC2345DCEC9F5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gfp0av1xg3tn0c7z952162zeffzcznqzsx46kvjtd3h93ggsy7h7452w6c487nm92341d7cb91q7fzdsbwpvhj3dx3jnmfk0284mjczbs8g384cmh7axkz716fvj0f7pb6mh7acmsrmta5xwegqqmdd2zjay1mf4cfzbm2crhvpkqx5bawk7qeay3amvb898d3j48vk0gbzneqhcrp64g35s35rtb694gc6zn71d9a78xhefasscv1erns6jtk9d5rbat6rr6jsvqh0m2f2ffxe3jrax962ks10751nsdjrz0vmkmndw30718hhrmyf0tn32f568m0cmx55enag4qr21avj2wbj13pw7gtdtbgv4s40n0t0h6rt0xg5f9sj8a10kj9kdymyfwgz09a4jh90ye3bca1436fkqdv9hctw3pc2j6mf4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 597871EEB3944CA04B0DF2B9E0F89557
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5E4320E04AB534238EEA4FF064C3EBF
Requests: 9 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 15705E728767E00A8A75790C0EC83C8B
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 626B9B3BBBDC9F40F02C90E49298CB72
Requests: 8 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 2414FEDA9691CE0F032D2E03F2278772
Requests: 24 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 089A0E47BD990CC02E9BBEF38550AE28
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 650D8751AAC57B816704AB289927D748
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gg8b1yqqy0v1f6b3fhg9sg0yxxyne5cvep6q2zq7v6s6btdm7fc4z9stxbap1e82sc3njsk8r3t6ytkgv5m63e2yytd1pv7gs4wj5j4b5r4rbgvnm1n7jmmkxs0xcbe44xx5976wmewxc0xf141atc6vp6xwh1d8rgnt4xqsqvydr14dqbryn482at046z9cncs5ctw141ss69ya7910j7rrm9xp92mbve5qn5b3p92p6y1hrpeevkcgxcr7xdn6z3tp6rgyy6hm7xffnamt7g9kcj0t7f2wk3ndq44rn79wkcdxrgcgx9fm3nky5pne6j128n6tcgkw315bm5nds3s0xeq9h5apqtqfgqhh4nwb0yxqyf9jnncsx9jmv6tmzjqwbbr32y3b7g7dqg7sqtwdpz92217c6cq1krnypx7gdfkz7y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 0B23250056F03F0DB1FAECF478FF2A87
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FA6CA6790D254B2D64B314F5F1A9CDD
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kxshhgwhj8kn4xn630nn7j1cwwctf8tem3f2ykqgz6nk4ygjhagb8vtq8j4t9kpm99tn712w9gw6ygfs5112bytdmr598tvmb4p9n4ve33w5k6q99pvqgkek895hy1gkn3rhab6vmfvcq6qwjjfcy0aas1vqtjdxjckvmnjc49dr7scegxvjsdk1mtsmpnyf6taj93c5v0gssn2ktpp6bdb5pf5gpzzxjrf5a21ewr82zs3q86p4ctz7xnxtxrwhz2rhpg220ejptpf85k0mzbha86ejramcmckem9xkwwds3q7635e62myf3hyxxj8wxwxyh4fx75hkgfbdabajc21rh7n8hdyx6qfr1r9q0mje5qc2pjqnsn5prg3bnkqwycs0n7q4n8dbq0p15nb6mdqtcvtnqq3tds9r7qvdhrghx58xjpc8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: FFA13FD49EEE7D6DC847C06CDBEABFC1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 568AC9F80EA6024AED0E13FDDC5BFD78
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.staradvertiser.com
Frame ID: E7DCBF768539F1E901D0BF0D8A7579AF
Requests: 2 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: F95DA5688ACBE28A317B5BE12F6665F3
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&cmcv=&pix=undefined&cb=1672093914316&uv=3246&tms=1672093914316&abt=esv_vC!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ea88c32d-11f8-416c-b9fa-9d8f2fb09caa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 4D624A5D40D6F1A4593BA9F08C87A06D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 209B9AD019B484B5A10F7D12580D42EF
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4DC83CF2E6F0EE154E229248F3806C76
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FEFD799F4838932F4F198156A37EAEF5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BF51CA989706CCB65B47D49D828D9362
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Frame ID: 3BCFF87803FE909087A3847B15ECC113
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Frame ID: 567842C75CB640C2E5D6220A0C9A6255
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Frame ID: 01911940BE1F3D08BE7CB74FC70282FA
Requests: 11 HTTP requests in this frame

Frame: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FADD0F68026588226F5B5010CF368A80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71DB5195C21A4A3482250D153D958147
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93275712BE1F530DCDF9E1183A50B743
Requests: 2 HTTP requests in this frame

Frame: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5B5DD33B19680E36CB620628CBBF1879
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 400D042B1A9478DB92767BACB4BC626B
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E76A243A30E8B1B6C4F1FEF2B2967288
Requests: 9 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Frame ID: 9FF0EA7C246A477E82D118C4187C4CC0
Requests: 7 HTTP requests in this frame

Frame: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19C9A1E670B0A1D02F8296BE5C17B6A2
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Frame ID: E0AA6F9B03CCFA4CE8C691760B1142BF
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5C79DF7793FFDA655A40E8C00D80BF26
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 490F6532180AC640BD09DB152EFC6E34
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Migrants dropped near VP Harris’ home on frigid Christmas EveArrow LeftArrow RightGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

714
Requests

92 %
HTTPS

42 %
IPv6

105
Domains

180
Subdomains

139
IPs

8
Countries

26459 kB
Transfer

50630 kB
Size

109
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1613 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
Request Chain 86
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120;ip=178.162.209.139;cuidchk=1
Request Chain 176
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 179
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&google_gid=CAESEFvzG_uyrC9NM0hnYzl_8Gw&google_cver=1
Request Chain 262
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De203feea-5a0f-48c9-aa6e-91eb1fb96713 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De203feea-5a0f-48c9-aa6e-91eb1fb96713 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B81A9662-136D-42F9-BBF5-8EF5985BA510&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713
Request Chain 264
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.staradvertiser.com%252F2022%252F12%252F25%252Fbreaking-news%252Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%252F%26hn_ver%3D40%26fid%3De203feea-5a0f-48c9-aa6e-91eb1fb96713%26dsp%3Dpub_common%26dsp_uid%3D8327e681-1cb0-4dde-87c0-4dfaa61a0056 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12967%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.staradvertiser.com%25252F2022%25252F12%25252F25%25252Fbreaking-news%25252Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%25252F%2526hn_ver%253D40%2526fid%253De203feea-5a0f-48c9-aa6e-91eb1fb96713%2526dsp%253Dpub_common%2526dsp_uid%253D8327e681-1cb0-4dde-87c0-4dfaa61a0056 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=4079998900732099964&pid=12967&ref=&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&hn_ver=40&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&dsp=pub_common&dsp_uid=8327e681-1cb0-4dde-87c0-4dfaa61a0056
Request Chain 402
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yqkVGnxKK01hSk92cFdad3haVzNPTTk5cERIN3p3QWlyUkhuM0dkaXBEdTgvSzEvc1hZT0lKWG4xZWJZVUhmNmRKSVJEYVpoV2Y5dXF6K3V5NkNrdWkzV3JsUHZhcmphZ25Ra3hyN2ptUXF6UnJPQU9FZloxckx6a3IvMDVydjFYRHFIRm5DajVvZ09OUUlxbnUya2tNcTZzTmttdzk2VTY3V2hIN0tjV1hHWTJnN1o2NWNwS3AyeE96Nmxjc3VkdWVQTVdHaHlkRkpPbTBWa01nNjFzUHEwYlJTR293Y1h5ekZnMHVHZE5SWWRDQlJPMEVNbVFjTnQ5SGs2UWNYdnVkZ2M2fA&cppv=2
Request Chain 469
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEZSJ7d0RIXhtRQuvvx8ZaA&google_cver=1&google_push=AavPq0P8B5MOzgUPfk7JoPYKJGD08VLqTb08AkWd_sq-Jt3OBsxEe4kgpBsIEJtl4Kg9FovhDr6g12rV1bF1gCv9hmx5ZrLQPjo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P8B5MOzgUPfk7JoPYKJGD08VLqTb08AkWd_sq-Jt3OBsxEe4kgpBsIEJtl4Kg9FovhDr6g12rV1bF1gCv9hmx5ZrLQPjo&google_hm=AqYTITy-QuyRyv2ROx1G1Ys
Request Chain 470
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEI4IQXgXMutxdVQQSYC9x-w&google_cver=1&google_push=AavPq0MeB9H6rP1s3f5QOvqLhMgwg5fBuJniWjphuTpm9LMJaUriSSR1NC2hxxp6jdi3g_slE2Wmh9P_w3-eCRZeq6BeKeBCllo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mJrunkyNSFmjL60TO3Vkfg2&google_push=AavPq0MeB9H6rP1s3f5QOvqLhMgwg5fBuJniWjphuTpm9LMJaUriSSR1NC2hxxp6jdi3g_slE2Wmh9P_w3-eCRZeq6BeKeBCllo
Request Chain 471
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOwMMqYlvshpcE4oqset-M8&google_cver=1&google_push=AavPq0Mu5uONfubiePI_rxEYm7PMWhgzheUPijJ4MVN4Ly2Xh6pBo21RRNLIXbVdUW5dqt1GH62xdAY3cCddiQuLZwgJUlLTd8E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mu5uONfubiePI_rxEYm7PMWhgzheUPijJ4MVN4Ly2Xh6pBo21RRNLIXbVdUW5dqt1GH62xdAY3cCddiQuLZwgJUlLTd8E&google_hm=eS1aVkhhRGlORTJwR1FsazN3VV9BLl9uTnp4bkRBTlhWZH5B
Request Chain 472
  • https://match.360yield.com/match/ebda?google_gid=CAESELJEbDYQh4l6YEyXgIKtEDY&google_cver=1&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRjcay7mIBO5g HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELJEbDYQh4l6YEyXgIKtEDY&google_cver=1&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRjcay7mIBO5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tneLQvsgTpeeqoUIL9-47w&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRjcay7mIBO5g
Request Chain 473
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEATWS3BY-r27nyY3hr9z0JQ&google_cver=1&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM&google_gid=CAESEATWS3BY-r27nyY3hr9z0JQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM
Request Chain 474
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIFi9lx3wy3w9HlcOPpl4lY&google_cver=1&google_push=AavPq0N4cTy9h2-CquhIvYOyywwbCmynbySreAVchsOQF18VZWm0IHqfiXsE7_cvetT9CKzN-rSJTDj93EmxWjmssi0TgPGKpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&mn_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N4cTy9h2-CquhIvYOyywwbCmynbySreAVchsOQF18VZWm0IHqfiXsE7_cvetT9CKzN-rSJTDj93EmxWjmssi0TgPGKpw&gdpr=&gdpr_consent=
Request Chain 482
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=staradvertiser.com&sn=ChromeSyncframe&so=0&topUrl=www.staradvertiser.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=hLFQmXxLdFNYOS95TFovd0tXc3YzakVmVk9VdkxENkZ3NSs5NDhjYndpOGRKOW9UVXhjdUtaWVhwMC9nVk5UU00xKzdOa2piZXdLS2JoclVTMmtWaHovcU1yQUp5Y2YzcytVRHRqUG00UHVGRzl2OVVUWU9SbzIxdVBxVm5LdzE5aWtrcThITXAzMUhORWp4RXR5Vy9FQm13SzRJWTRiWnl1UUk3QWwyQXFGa0pFVE1SUXoxQkNSS1RBeGVNSVd2eGF2MzdCVGpteUlWNVZ4a0ptV0hCb0lYcGFnWFdwVDR3aEhLSVVuNVlwQ2lIakQrbkNMNDFnYnlJRk5vZm1RQW5BU3o5cVpmbXFVcENLbTBibEtDN2ZkWS9nL0V1bWFlR0J0Y3QxMlFXR2hHNEREND18&cppv=2
Request Chain 484
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBFif2H37WZzuKn0i9gfIKs&google_cver=1&google_push=AavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBFif2H37WZzuKn0i9gfIKs&google_cver=1&google_push=AavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBjsDMpfQjanhpEEvYjYYlA&google_cver=1&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-BAvMXl1P0w HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBjsDMpfQjanhpEEvYjYYlA&google_cver=1&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-BAvMXl1P0w HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3f4f1166-d95b-447f-ad5b-aed4fcc62319&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-BAvMXl1P0w&google_hm=ll2HefCdS9yWV7lx_h3JDg==
Request Chain 486
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGAMev9kCYErIRr_1Rx1Atc&google_cver=1&google_push=AavPq0Mq1ed_3-509wzHHRZ4dpAdPULTZuBq6QZMeseL5eGAxYTf10_20ZbZZsUSpp49XUob45Tc7J0X0FsfrOgK-8QUgGxgLpNp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mq1ed_3-509wzHHRZ4dpAdPULTZuBq6QZMeseL5eGAxYTf10_20ZbZZsUSpp49XUob45Tc7J0X0FsfrOgK-8QUgGxgLpNp&google_hm=eS1neDJkbnVsRTJwSHlYQ25FWEVra2R3bHZVTDQxVFlGTX5B
Request Chain 487
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHI1GQyOZCv2JcNeGH-BoQM&google_cver=1&google_push=AavPq0NGRqtPPLAG75eTFrTsHRQft00R4el21GUjFB_7RMU0polLXCxMw8BLOpwVi8TCuT07V8DMGcTR3LQcCZhvaWoX_JqzVbhP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NGRqtPPLAG75eTFrTsHRQft00R4el21GUjFB_7RMU0polLXCxMw8BLOpwVi8TCuT07V8DMGcTR3LQcCZhvaWoX_JqzVbhP
Request Chain 488
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDTD2kMs3ymvPuuRUEhGp7s&google_cver=1&google_push=AavPq0NU4w3KGdJIK__BvmkfwkFQfdQtzRb6DctQV8RpfhmR8r_pD358TDqzdG8R3e6L-O3TMmNHiRD2jkXp769Nu4psDFizqc2LeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0NU4w3KGdJIK__BvmkfwkFQfdQtzRb6DctQV8RpfhmR8r_pD358TDqzdG8R3e6L-O3TMmNHiRD2jkXp769Nu4psDFizqc2LeQ
Request Chain 489
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDzy-Y4iSqsSXkWnFdQQV-w&google_cver=1&google_push=AavPq0NspXop1MszESlQWZ9rjvulFkyNyRbLkpwzRZQ9sXSDeVkbvzBCtfyHTpFV2WDG2QO2aWc3K1PAkP6JvNGpf8rhOpozrdUE2gQ HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDzy-Y4iSqsSXkWnFdQQV-w&google_cver=1&google_push=AavPq0NspXop1MszESlQWZ9rjvulFkyNyRbLkpwzRZQ9sXSDeVkbvzBCtfyHTpFV2WDG2QO2aWc3K1PAkP6JvNGpf8rhOpozrdUE2gQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=965d8779-f09d-4bdc-9657-b971fe1dc90e&%%GOOGLE_PUSH_PAIR%%
Request Chain 491
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGd_58VdnWdLs2QytZHFq_E&google_cver=1&google_push=AavPq0PWycTXJQI50JD0R9OvYZ6BypPGMtv5O0o2KqIp_PLVYQ7jz8QQQfzDYq6OvuuALNZODsv_r9fZZcvrJvkiPQlPs72AkkDn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk5ODM4NzIyNTgyNTQ3NTAyNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0wYUzuLXqtwG5yB99PTmc&google_cver=1
Request Chain 493
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOO82RvPKO3onfHIj8zT5kM&google_cver=1&google_push=AavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOO82RvPKO3onfHIj8zT5kM&google_cver=1&google_push=AavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 494
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAK6Qz4yG2XSdxBldsR_yJw&google_cver=1&google_push=AavPq0OzGtxrQdEn6SABivratXpW35ip2IT1rMZa_gbWnnBMhnmGyXvq9hV-LQO7SBQTD1z7S9twar-IKI_KpIHe8HOQuoN7U5s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OzGtxrQdEn6SABivratXpW35ip2IT1rMZa_gbWnnBMhnmGyXvq9hV-LQO7SBQTD1z7S9twar-IKI_KpIHe8HOQuoN7U5s&google_hm=eS1EY21BMEhaRTJwRU5IbnlLYVFGR1hzWWpVaWY3T0JHM35B
Request Chain 495
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_cver=1&google_push=AavPq0NreOGvf31dkQdKnjvX_QcgEy3z_EnsoSa-b-eRvz0AlICxdDBy0I5g16XVLKk9S4Olc7AmnTyYiNmDLQ4oSjWGzWe-4V6p HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_push=AavPq0NreOGvf31dkQdKnjvX_QcgEy3z_EnsoSa-b-eRvz0AlICxdDBy0I5g16XVLKk9S4Olc7AmnTyYiNmDLQ4oSjWGzWe-4V6p&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_hm=Y6og2dMbjP7YRJJHFJMmiQAABGAAAAAB&google_nid=index&google_push=AavPq0NreOGvf31dkQdKnjvX_QcgEy3z_EnsoSa-b-eRvz0AlICxdDBy0I5g16XVLKk9S4Olc7AmnTyYiNmDLQ4oSjWGzWe-4V6p
Request Chain 496
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPXV_iOZVEDX-bIcvgevZ9s&google_cver=1&google_push=AavPq0OWWAtyTvaioEIbpBT2npJHsLWX874iXECneUQHTtqp4ZdykgtERhdl0RT74MePE5TCzPC12QvegXMXdqoSZ_oEGDX09sgC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OWWAtyTvaioEIbpBT2npJHsLWX874iXECneUQHTtqp4ZdykgtERhdl0RT74MePE5TCzPC12QvegXMXdqoSZ_oEGDX09sgC
Request Chain 497
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDvSFhlv4OlrWL9mPrUwBKM&google_cver=1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672093913813 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-09a896e0-5dc5-4eee-ad9f-dd4b5a1e0083-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu%26google_hm%3DAwmoluBdxU7urZ_dS1oeAIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu&google_hm=AwmoluBdxU7urZ_dS1oeAIM
Request Chain 545
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjgxQTk2NjItMTM2RC00MkY5LUJCRjUtOEVGNTk4NUJBNTEw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFP_xreNn25GkSCtlyvPDSY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 556
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=199cd466-856d-11ed-81cb-1ee5b9e10306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
Request Chain 559
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=199cd1be-856d-11ed-96a7-19da87bf0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
Request Chain 593
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIfVzp6rmPwCFQDvEQgd-J0Jxw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Request Chain 596
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CM_Szp6rmPwCFWyW_QcdPUkJWg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612697X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 599
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19c9f9f0-856d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 603
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMTYzp6rmPwCFajzEQgd3qMHQQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 606
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJDZzp6rmPwCFRkI4Aod_dgA_Q;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612693X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 609
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca4810-856d-11ed-bfb9-223141246197&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 613
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIHazp6rmPwCFZOIdwodtQkJow;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 616
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CN7Yzp6rmPwCFcT0EQgdnzsKFQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612689X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 619
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca2100-856d-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 641
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBjsDMpfQjanhpEEvYjYYlA&google_cver=1&google_push=AavPq0NF7tAR_FwQHNsAof0Bzz3KteJ4octJcoCFuUR7Av5vhMccXszt-ZlS55XzpMUImAZ_5nJfx3wVFk-TOiGrNpgwxfM4TxjytQ HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196424462168016&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NF7tAR_FwQHNsAof0Bzz3KteJ4octJcoCFuUR7Av5vhMccXszt-ZlS55XzpMUImAZ_5nJfx3wVFk-TOiGrNpgwxfM4TxjytQ&google_hm=ll2HefCdS9yWV7lx_h3JDg==
Request Chain 643
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHI1GQyOZCv2JcNeGH-BoQM&google_cver=1&google_push=AavPq0PgmouQHbclWXiHCGawVxnyKatxaS9OYuP6pb2IRWWKtO8NIuZRNm_jpB5wv1SII3PupoP-ebO82K3bgPTjy4pyPH6LkeTKsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PgmouQHbclWXiHCGawVxnyKatxaS9OYuP6pb2IRWWKtO8NIuZRNm_jpB5wv1SII3PupoP-ebO82K3bgPTjy4pyPH6LkeTKsA
Request Chain 644
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENfn4Z1TsZYOGfqe1NygFmE&google_cver=1&google_push=AavPq0OUlMPf8ND2YYafxOMmMeXrK2ILtpvnd1WgBoBg8_yAlKp1lKc_o_wmi16UfPyJkNyFjnS1vOkutnIAjb2j5wBMO79G6vFuew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OUlMPf8ND2YYafxOMmMeXrK2ILtpvnd1WgBoBg8_yAlKp1lKc_o_wmi16UfPyJkNyFjnS1vOkutnIAjb2j5wBMO79G6vFuew
Request Chain 645
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDTD2kMs3ymvPuuRUEhGp7s&google_cver=1&google_push=AavPq0Mt91KolyUnmyc7kROdDQuGYrVVKNfxlcSZL_mzkMZD4LoUKnfHovoYXskKoEkJM3VU5YtzYkeVlZ87dKyl3vf-u7AoG4br HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Mt91KolyUnmyc7kROdDQuGYrVVKNfxlcSZL_mzkMZD4LoUKnfHovoYXskKoEkJM3VU5YtzYkeVlZ87dKyl3vf-u7AoG4br
Request Chain 646
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBza0B-N9B1JmdrDd-46xr8&google_cver=1&google_push=AavPq0Pn0G8CjXCS8ykkjb17-O4TQa0YL720bHoBp8-x_mH517NdyVjiJ7oriRaNTo9RdqMQt7YybD8wTrr4Do2gylN-TGTqKdWPbA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00RjYwMDNaRTJ1R0RTa0YyOWJDMnh2N2xZUkowQnR3d35B&google_push=AavPq0Pn0G8CjXCS8ykkjb17-O4TQa0YL720bHoBp8-x_mH517NdyVjiJ7oriRaNTo9RdqMQt7YybD8wTrr4Do2gylN-TGTqKdWPbA

714 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/ 		155 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
abc915313f4377a8dcffc35af12d05c1aba29df8145e9139fb4a18b7fbc1976d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Dec 2022 22:31:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-api/wp/v2/posts/1212639>; rel="alternate"; type="application/json" <https://www.staradvertiser.com/?p=1212639>; rel=shortlink
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 9
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ 		233 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c70ef6d18a5f7d1878bd2015176e33bca2dee90bfa238e40a8e1d22f2d55d0a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
WzBJcSDIjk0rBcA8.lK6l2q3lOaXWunc
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:02:26 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2295
etag
W/"82101e5b6190d4cba86a962193b6a592"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-id
zeDNP_PUaE-xDr7LF6-vjJxNwWzBfF_hipITP5awDnGLQCm3bFWzpw==
pubcid.min.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Nov 2020 19:41:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
427681
etag
W/"5faee184-e358"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urOdxOWxzlxjnvzQSMI1i8Ls58e2%2FwCa9avgTc64RaOULa2MPjmfYGSYu4VzBiYMZanlfZbkIPRTyMXknwJs%2F8tC2pHu%2B3eoME85nG0S3%2B0mCckvLSH47hRPFawmL4y9UmQ4a9oCgfXlxjhXlPI6ukIbWpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c69016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
756
age
10787890
cdn-cachedat
08/11/2021 06:00:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0e2c5c6d0f923b14a11b987f36221b3c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77fd44d5997c9a3b-FRA
cdn-requestpullsuccess
True
sa-style-2018.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3888dac327eba45d8835c6729259e4190cb79a303b903330434e000a4f8aa2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Nov 2022 00:49:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3966085
etag
W/"636d9c09-110c9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycpXx2hzI5R2hQnUNQxYzaxCLvaMZXy4eoYkwCZL7KnVX4T%2BR1nJJbmlRU%2Bwm8SaJFFgZp3cvh08KXl7NzaxgulDSrRMvNblcVRRmqRBZo6VCm0lPLso1wFJTxO4VN36FXHDcTYaY4XpAZvFv%2Biq0Gm8wxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598b09016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 26 Dec 2022 22:31:49 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S44SDQQP01H75GC7
age
28999175
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
qy6sIIvb+fmg9+I3QGTa741KnzdpI1PXTyYJYSWNXRuE32zmNSDltCo6gYxFmESpSFoslzzkuDlSxbWdJY02XA==
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFJ1uJPP5LKn8IiHf8Vz29sjO57%2Fkz5B1BXjQNiPW%2B%2FoVpFtSJU0BBlFE%2FHGhbZj1KmyHT6NvjxukaPt5zYgR%2BzuOfRTJfIwTI5ZiGzC3h4ekYOod3R7bAQVZZEfjom%2Fo8YjPE1Hsl3hnGZbx46EqU0T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
77fd44d5a9f8911f-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 22:19:19 GMT
adblockDetector.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/adblockDetector.js?v=1672093291
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d114053b0734a32984149e572c5886d065dfe4bcc4c0ab76334dcc6d3662ccc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Sep 2022 00:15:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"630ff9a5-3592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xdw38cj4259xUcfBfH5uUdo4mAmGkk5ekmoqQyRGwgkGZjntF%2FQoZh73rHEDlSbW7RUabQ8S4mf3zfDBlwd4%2BidAtgwUbXvscEevbAgBUw5XQAjIK31zY3wSgy9%2F8ahb%2BOnH1JVUIYGn3SSPd36XEzJ1%2Bjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c79016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adblockerTrigger.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/adblockerTrigger.js?v=1672093291
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4232418f7cc732582f6471f0e121f91014253ed22617d140b4252977d8c18ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Sep 2022 02:07:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63213763-cee"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBT%2FlGITXm5%2BIf27jVwdl%2FpnUeHaSl84X4IWOblFkee4gOTcWzNYPaONMdb8UiyORNWUAPQDJ95LWQ%2FpEpGOqGrK7b4w%2BSy7Xd4r6KAdPjHK8LnPLknyK6wA0109%2BtkiInLGzSjDshISd8Z2QWGGEBFH7hI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c29016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 00:43:34 GMT
content-encoding
gzip
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
78495
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Ce6KC7Hk_2UIy-D18BcX4JzeX_lTp_fUigrCFK2RVWu0FFh3nObzhg==
expires
Tue, 27 Dec 2022 00:43:34 GMT
ZoPFXSjg.js
content.jwplatform.com/libraries/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/ZoPFXSjg.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
71b9740651c7b54d919da98ea572398dc9ef35cea3711c3667b2c747f0c2f582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:29:03 GMT
content-encoding
gzip
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA53-C1
age
166
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
45946
x-amz-cf-id
tG_WMrEVmXZBY4z2-XTzmacw8kzaVv8pex1UgDguc3FSAvO-CYueZA==
hsa-jwplayer.cmd-hsa-minified.1601588720.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/hsa-jwplayer.cmd-hsa-minified.1601588720.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Oct 2020 21:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179553
etag
W/"5f764df4-2eb2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7MPzTLjhU%2BnaAMsSE7dtQZ%2Fy6ds8rEbbuj7omMROoX1J%2FEQCnmO1yEybkMC%2BNLkuZ6xau36MJCNStCC6eLT4WH5yNIr52wMCatB84gI51dgoRHqtzFN3hi6PydBWbal2mTJd2x71NPne0PGO1liyZfjT%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c09016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sa-jwplayer.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		2 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179554
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4qzx14y2fKrWRJw5gmawatSO%2Bo2ubNq4DttvvZ%2FUuuyUPpRBOdNOQrAmyFLtYJU2TKCMx41I9aUgzWjRbs2hzP%2BIUbk2Q93POQ1jfttfn68LCZuW3JbMkeuaFbVzfBTeNBGYJXugWmVuj4Ccx1vbqEE8aY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598b19016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
load.js
s.ntv.io/serve/ 		536 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:49 GMT
Content-Encoding
gzip
x-amz-request-id
024RJ0834T5680MH
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
TiB2yBJzoUp36g794ZZInBwhOu5qsBLHzu3nTAxO2dfeFO6I6W+VVGePX3xFj9CNlhAvPIfal+c=
Last-Modified
Fri, 16 Dec 2022 21:32:35 GMT
Server
AmazonS3
ETag
"4f9f244a6d1c98dafe98c9b8b18b1fbb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
optimize.js
www.googleoptimize.com/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-KLPLN2M
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77fa2b3ea7258961a9d400810d13a9e97bf0b8d695b539dc47fbec76a913e2ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44231
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Dec 2022 22:31:49 GMT
usprivacy-string.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/usprivacy-string.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6184358
etag
W/"5e2b4233-4e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEnTRhhBSEHOCKFzSeMM07u85oEksTTyidtLygAPU%2FXFhRINrysNz8aQ1MQXPifQ1HQfv4Unn9JMkSTgxUUbP3yEY6%2ByAW1EjS3IGBMLGFP7zlTX%2BCuM16XX4fay8pECCi%2BQuo7kjbkPVBqviYMPK0plffI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d59e179bfb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
uspapi.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6183331
etag
W/"5e2b4233-1158"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot%2FGEck8WbgladRXoM3%2FAsAvym2ux0nkGFhnEEQ6anxVxRrfLIzEsjaDaghyNLDscHYVeJ%2BLGk25auQAZKkZ9dNjOJ7kWznerjARRUNBZIJBo67nfBdaIx3uIu%2FyFdf8%2B38iN%2BDbBFrJ0VdHnbpXuBsxS5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c39016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
uspapi_call.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi_call.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179553
etag
W/"5e2b4233-899"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBWCglYUywnaTJlajK36XcCgXl47Va7MmW1S5z9UQGwnvPT1U9YawjDPalpO%2BtCTosNJ%2FBskWhePGKruJr1hb65nBOGoy9gvjLMHDP9PRFmoUF8N%2Fgf30Dao%2FhratwGYJW1XJgqzU4YFld%2BYmLwEUzl%2BnUg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c59016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.js
powerad.ai/ 		205 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.188.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-188-247.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2aca87e9af2fafcb1ed8f7292f451a698e6c352979f2d7632aed05f0db909c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
last-modified
Mon, 26 Dec 2022 13:07:05 GMT
x-powered-by
Express
etag
W/"332dd-1854e8b3c50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
polyfill.min.js
polyfill.io/v2/ 		222 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
last-modified
Wed, 16 Nov 2022 09:56:11 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/108.0.0
server-timing
cache-fra-eddf8230084, PASS, fastly;desc="Edge time";dur=11
accept-ranges
bytes
content-length
126
common.cmd-hsa-minified.1569273721.css
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/ 		502 B
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4513016
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6vberLFwqPS0yvqqEQlFWN%2BvpoT8mNIZ6X0LMjrRF6FgS%2FT2GrGC71mAdBY%2BnyOgl2K8nBiX32PTq3VTfWt3gEGWNjXPpLmAMF1nzCJwgoFmOS8mO1lzDEEgW9XfHutyDdLIvOT0A3nCItH%2BK2mdiKcP1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598b29016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4513016
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDr5BUOUzAGj8FnjIbvMRJaamXF5UZ3iM%2BQi4bel4jfASxyxaqM4clz9ogWtIf6hZmDiX%2BKH%2BeO3%2B5omspDzV%2Fjeonx6cZffm6hHWLmwANXpJ1Bi2cQUygja4o07x08Mqq11HNrStsSKgbj3x22ddpPs1lY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598b39016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vfb-style.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179554
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMPf22dxtESu59KX65cu%2FDTiuj4mc4FH8FoasK1a3XBsAY4zri2g6baA18jgUFWUzM1Vio6Tjv86PZoWbhVEyrv2Jb2TrjtfZcKZd%2By8lioYY6iJy%2F6z7cpoAiwS8UkUWDGO%2FKkZ%2BgQA7AvkjdMr7iu8alk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598b49016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda1502552738a30410dfa20c72010e98342a5f466f2bee1c27b1e20c0ee83f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 22:21:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:49 GMT
genericons.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179554
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ixAIc%2Beq3g6Fs%2BUcuEaAWcD%2BWKZECs1dmVED0Cx8yPAxTdk0zDvDW0U1TcJUvVE5TI1d3hJjooXctfPAbIqqI6WXTMOrdZtqxYEgrsxa5oJsg%2Beu97d7Q39XiV813azmSAIXMXNI6uRiwxbZ4Gvx93QDGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598b59016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/ 		0
293 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6179554
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf7J2LtCl2139XFdlB0de5WHLer4JNIMhGULzQx3GchrrkuFH19ja6vWoKXqW7qC2SAs%2Bq1WBD%2F4%2BhKq6tDw2Onz0oNncG4onBwzrAkgtWdhPiVFV4dvRLl5oPIVMPuZlKe%2FoVokObuR0%2FVe%2Bd1bbq8p6AA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d598b99016-FRA
facets.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179554
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9UzMmE%2BQB4JWmpEjI%2F47xYgOLLtzQaPu0cdvcX1D%2F0gmzTm2ufHYpWGb8Q1fusIVk7K1juY1lZEFZTlBfGlZzneMO%2FUQeDuur%2FqGemMrAb1ySL6MlcuA6q7eufkIL5vbbSgdEUp7tbN3NWwO9VdF0tI%2FWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598bb9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179553
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu8bo8q54OYCz%2BJobD2KCyO9AFDNmAOUekd5bLKbbVQNfqv6XyE7djKdb5%2Bf8p6F8bZ%2B54i5aya5Peg05N15Clfbuo%2Ble2oZy2WxkISiH0cPwCsIyB%2BvbIsXOnx6hm9lF5xXl0gR7VpbY607DB693xRTd4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598bf9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2228535
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BrerF3NrZ5pf9xugCKj5HlVieyaavXUND%2BXGKuQ%2BqMJRKHQJ1IT8v0lxw71jkV%2FVD7t7c52eSnFwrkNH8Njb5Pe6GK2LfTJwavAT1CvHAkuWNFrIaQgm2wZmoiTDIX7Cke9dGC2IOJEFeZg42DllY%2BT5mg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598be9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
common.cmd-hsa-minified.1569273721.js
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=5.8.6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4513016
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7vYMib7FQ4JP6nlNKf5Mhyr61RVXCaFTBi%2BBNois8i3Q4g2W2TV34Q%2FIkKbSFygvrTsgRueAcreMlqN8ey21xgWKNe3Xjlj3P6SrY2%2FnUqJxzFYgX3WkIrLgRWNTq%2B9uAmuJWTX68Y0ptLYq9lrzBut0nE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598c49016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom_ad.js
staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-ad-tags/js/ 		1 KB
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-ad-tags/js/custom_ad.js?ver=5.8.6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c3a51954dc9824b0abed0296f94f280f96a164ad5145d7506bd27540b398eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4513016
etag
W/"5d893779-491"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGQEiDrj6B9%2B%2Bc2YpngY6qpLdRVxvOu2UBVTu8lKdT0PBvnBegZ7sTPkln9gZt1VlkQYvbX4X2m0zqPXCsIaBTueBnk23qWv4dkf7O9j8Coir8mUt%2BeCPKnz9Wkf43n0MvJXiKhC1swtcYrlqsFNP%2Bbcims%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d598bc9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sa-logo-white-small.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bc9a339b66ab78582f3d4e03c0de404fcfdb87d899a850fcf0ffeedc65d7e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303807
cf-polished
origFmt=png, origSize=6620
content-disposition
inline; filename="sa-logo-white-small.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3506
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-19dc"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNpc2krg4ZYw2iyQDAoQKM1dsoS2vK91hH5C%2B%2Bfw%2FYdnc4ggIiriRWxbJDpGaVN9Bh%2FjIbWKE17KH%2Fk4XA4OmfvNFvYOoNfPXr40KFRbYHGyTubKGKtan7fbHJcfMvpELb0qwGGWhbbT%2BWO82UaeX97MaZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d8dd4c2bba-FRA
longs-drugs-logo-v2.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		546 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/longs-drugs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cf1fcf3f8e456902035d1649158993c3b0dc41a11dd33b05fec0efc675d4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303807
cf-polished
origFmt=png, origSize=2324
content-disposition
inline; filename="longs-drugs-logo-v2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
546
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
cloudflare
etag
"60c805fa-914"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3XE7nWaLmQyUi2MEJmSUaqPioCPg4C%2FMsMJP6UE674NN90QP%2FOV5Ht5gsN6vhKoQPRudbHq1L3wLTb0UKqQGRYDut%2BqFUHpL4is6rtMTUYY4i6yW%2BQEB%2BdDYv41cov7km7vA4YDM3zRuAARsRKLCb%2BaZSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d8dd4d2bba-FRA
sa-logo-large.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/sa-logo-large.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc8b4c79caae0787ac82aa05fd7bd0510206b2c1fb08aa16079292057741a5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303807
cf-polished
origFmt=png, origSize=16470
content-disposition
inline; filename="sa-logo-large.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9142
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-4056"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3KMBr%2FkwKc%2BSFD7%2F3w5uSE1bzjSHBTLvqadUGm4Xyyxn0HSlcqVqDTiIHrYVuyzJKTi4FovzTMlxz9t3FXw1gsY6t80YwYYZgaXMgwJ3I12algLHxD34cfq78Q24XQ9G3vLa%2B%2BOXRvwMhLbqRbfT%2Bosn4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d8dd4f2bba-FRA
partly_cloudy.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/small-icons/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/small-icons/partly_cloudy.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4e5c665010f7b040421bad17db2591e96b9c8a3998b0ef81ff7cfc0f609916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303807
cf-polished
origFmt=png, origSize=1323
content-disposition
inline; filename="partly_cloudy.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
836
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-52b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olQaWrtrplEp%2FSinzZEvc07AI4VVks%2BM8w7VkxN%2FuLQbIoXD2t%2F9RJPUq7S82DL3gzSBHnM9yPTOcTMcjmnnnUg8vr4iVZ7XRnkaM%2FqOzBLgJf%2F8ft9rtx2IL840%2FIOvzxqkPYI%2BXmftBIxqyrxioZXkPgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d8dd502bba-FRA
sa-appicon-round.png
sa-media.s3.us-east-1.amazonaws.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/images/sa-appicon-round.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.130.90 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cf3c71fbd3d13cd3d485e6bca01d03807c314bf44cb5732e80796bfcdb20961b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
x-amz-version-id
6uTAjl8ThuA4shqzAqw2tN9NfIbxRbV6
Last-Modified
Fri, 04 Nov 2022 02:02:05 GMT
Server
AmazonS3
x-amz-request-id
T36RZX325TYSJS95
ETag
"1a1789256390ce194d038e3c1fadf2f9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6839
x-amz-id-2
wyUe78q2Q06dRndIENYGAP3fJjGDnoZS7n5yR87p5LrudegXjYiwslLa1G+RDJ8r+urz0j6Jx4E=
web-push-bell.gif
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/web-push-bell.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1fc237470c723b46265bc0ed2f222b6f9d239f2dd7c6a89e5f1c4fadc04c91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284841
cf-polished
origFmt=gif, origSize=2681
content-disposition
inline; filename="web-push-bell.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1202
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Jul 2020 20:14:11 GMT
server
cloudflare
etag
"5f120693-a79"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjAKip%2FJSqH%2BMNJsEj%2Fe%2FdXW2HMIWJshedvDdEgGaXZB4ctCzCg8rUwETkjunlnEc06X5MoHUBS0jVAycsmkEtlTWrfCjM3Cmav%2FPiUS0eKqa8uiSgNHz653TwntEjyN2WfRs9icqZbQAtOK4VNdc7zxKEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d8dd512bba-FRA
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:49:05 GMT
age
2564
x-guploader-uploadid
ADPycdvUaNvIiXGyfXxBEBLZazJqLgO3YoVM3cn31HfQ_lG_lddreqbQPfXw9hQIR0NS16dhSQ2uHOGS_Dt5aziZt7aGOErGMCak
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
last-modified
Mon, 19 Oct 2020 18:40:43 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-generation
1603132843078573
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 27 Dec 2022 21:49:05 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
426011
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (frc/4CB9)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
92350331-c01e-009f-3699-15b40f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
20221221_WEB_HSB-A1-12-26-2002.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/20221221_WEB_HSB-A1-12-26-2002.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a8a66ab56498a94c09bf46e63542f0ddf05e116b22c02ab7d54903ce711120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284841
cf-polished
origFmt=jpeg, origSize=175488
content-disposition
inline; filename="20221221_WEB_HSB-A1-12-26-2002.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126356
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 21:25:29 GMT
server
cloudflare
etag
"63a379c9-2ad80"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOCcQVncgmjkfbFxkvZ97qwFJmSYoz9%2Bnny4PXGHqpUenHcg19r1jjjLG%2F6FFWbZaW8rnjy3ZJiLuTXbQSLwqAyg%2F2Z2wmH1Pvnl4qEM0L3IyIIGY%2FtNZXk1sR65gtjyR%2F5To1alpazpqbvk8zyddzaqU1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d8dd522bba-FRA
SA-LocalBusinessGuide-RightRail.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-RightRail.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.12.236 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
x-amz-version-id
6IbaSWxCO7LzRPA4INzeWwcVLvh1Iht9
Last-Modified
Fri, 17 Jul 2020 01:10:19 GMT
Server
AmazonS3
x-amz-request-id
T36HXKTHF2CQD0CE
ETag
"4de67d2a7b83c7aa57c53c16e04f45fe"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
33694
x-amz-id-2
Ke6SsWyAFMOVsgOH6vVGSErNSGOBJyJK9ETHhFrewL2B+Xw8INK/hVBEEarl01X8ldLoh9FVHfU=
frontend.js
staradvertiser.wpenginepowered.com/wp-content/plugins/ad-refresh-control/dist/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 07:01:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179552
etag
W/"60fa6939-3583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdMD8k7lH7W%2F20QMD5%2BJ62LAeGKEUmTmEm5mZeLdvO8gZOY9tFta1qkNfMzaP9S3vPQoSfeOjXrAKySKAe3tGnOzUY8UdF9%2FC7Hi48KIToB1zJI0v1YaZHUsEoSQUQgV8mJPrTa1O6w17ijE5lEG3SZBPv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d87bd59016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
comment-reply.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/comment-reply.min.js?ver=5.8.6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
406054
etag
W/"60539267-ba8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkhCm4UxGopXKZ2f9tqKy1jSEzVXZhyJzjN7V4dE8FQjd7%2BMnQjpChxj2qJoXayzc8qz%2ByuhzWCY9zMlF1X8HVioLG%2Bq2%2FwdEejWX1Jj%2FvKkl5zLIqHOzFylfE2BBSbFdYjrCcDCxe9ABqPvwXEOCMNVfhU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d87bd79016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
functions.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmJIF3F0y3gLLgpv3fV5aUUMTMAUl7eh%2BUXThF9PU%2BWHCGYF%2B5bTwMii35AcX7pqF40pkX5KONyp38SGgGfUJnYKdQ2PPH3pn9m%2FQC013TtObOWhE2VBLgnyB49VGJJ533SNQ%2FVV00MJClpy2ePU34rIKrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd3b2bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
underscore.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 May 2021 19:33:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"60aff3ff-4a84"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITscD%2B96Z4RkQt%2Fn%2BxkrO6gFMJGWQERE5r%2F0tRkFXAZWyeZPo4KlHeoMkkGZutjqSYTIAAS4bikhMdlzzD0I6BNgcaqLnmvWB7CG6YxHUpOawIcARUjvxt%2BPt9bfav7segM8fslfiBrC8bufQWdnPdfMx1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd3f2bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facets.min.js
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16fZFP16ZSkKgEjC%2BdV6%2BRSsKm0snebsB0mQokZRzP3F%2FF%2FoJRauwsoKwfd9Fdu0MWLNI0c9tD5lP%2FZA%2Fou43GymHnqRk%2FQ5wptIr7h324F7R909GnJqLJDCDzjUwi1iZIa%2BTXwxFhYdXbGJIzNiKbWZymk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd432bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXm1CT7FoVF1pt3NZH1HQwMNmUP8R2zD%2Bq6gkXmrOr%2BPfizmszpJeHc00DciMukZSguRH%2FOYrSOlAOga3npw1G8j2lVe2WXnGDAgAlWOM8tJ9UToAuR%2FWdDlmnFEDtZ%2BV5stu2QTslVLk8WgxwIwtGpb7FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd442bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.min.v4.2.12.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/jquery.bxslider.min.v4.2.12.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5d893779-5bf7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9R4Wur2wNI%2Bhvbbaaw3EIWO5KvdN27V%2BvGd7%2FK6IOM9VZkSlQmvYNZYMDO99hfc%2BF6mUFCCAUhI2VKa%2FZj%2Fic7wrRLftG1pVuV6UK0FzhobCpYxPtpD5iLYMZ%2F66ma84MMBauZEBzCiaDY4yrL39nyXJNsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd452bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.fitvids.v1.1.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/plugins/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/plugins/jquery.fitvids.v1.1.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5d893779-d16"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gdqpHs620caIMnwYS%2B6%2BfvoxNMpzSgztZCwTL%2ByFLJCI8IZ2bSdQ3MCjXkP325WKWFWe8XEpGLi3BVy71%2FBFSf15ZHSlWQCju%2BaPR%2BKrtTghqpS0sLjFThI%2BBLE5jGKdBPomOCVlN%2FlDXw1hbfSXtL3bGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd462bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popper.min.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8uNwDDYqrEWT7px%2FrU4mULYQREYW5ODPXwMtO7xott7328Zng%2BtybD%2B54S3YYiPHNTD9fn%2FXbNsQB%2FqxECQ11QtiCKn4eq09O8QFBcau9E4d2XfgRZWOGQkMpybsa4z35DdFbdO0WFGg2AjNQqWpRYG0U0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd472bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
435112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qidoe0vZi%2BhU6Yx6VPnO4I1CtkEQyYNuFJ4ZYQRAriEz%2BiBQKp%2FhG3tdGvNuqQgl6HqzxMKZxwoybqDYwZGEshCnOSVjrIt4XPJBwjHClcXV0Iq1CqGihxPmJrwbfAqiPp1bhg9nE4xo4hANpyZx9UOH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44d8fa989951-FRA
expires
Sat, 16 Dec 2023 22:31:49 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8900806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3evrWESY8KvZ2mDMb9bTCVtZEoh%2BtR7GugeNZ4nqiNo%2FhpSDMwTNXPANBqyjIBo0daZFdhd40yr%2BZsu1QKI2DTL5GxnamrFMOoBBjvSGePVhH5hdteulK78cvYPAGuEIvLTCaXTAvZ5CFcAt3Y880NEd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44d8fa9a9951-FRA
expires
Sat, 16 Dec 2023 22:31:49 GMT
hawaiian-text.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		915 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/hawaiian-text.js?v3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"5d893779-393"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEEHsfV0NNAApUCEZhPQt%2B4FzZgtX17Temp7ackp%2FIrFiMiE%2BCpF2MJiKeTINK8hbMQukKkxZNhl2VSgEd3QD58M9srG6VMJRX9GQhkr3Cug2SgTn33ktjYR1o1byP4hr949jSkJ8Co0PWPg8wtu3nA45CQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd4a2bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom-author.cmd-hsa-minified.1671736322.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/custom-author.cmd-hsa-minified.1671736322.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ce08b2710d3f935b9710fb6753c21f628755489a0bd87b3ff9ad293dceec33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2022 19:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
303807
etag
W/"63a4ac07-2a92"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuwNeI2HZ7rn3nEgxDXFiBMGA1FF%2FFxtLe3%2B18ZYfuLCfqySkIEAoS%2Fsguf1e2Dn%2FdQaArwRoLWjNv9iAEdpu484Vnj%2ByV7W3O23Lp3ZDj%2F%2B7iyOAjnbMzpWKmMLEb2NJNY2cIwUQBAKZhXyNc8%2By0CHNhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd4b2bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag
a.teads.tv/page/57606/ 		793 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/57606/tag?v=1.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
57acb0c4ea5a8ea31215572f4a0c492173c207252c3547447c9e833838df8460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
490
expires
Mon, 26 Dec 2022 23:31:50 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
CBPRAJ7T0JSPRA6Z
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
HXC/qEq/6Y8E9VFAR9IDt9+y8k3iOvxTM8x87I6MmIhNfFuVfnQDX155843rEIYaFjHCagx+9Pg=
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/client/impression/ 		0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=693349&referer=https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub0YVfZy6gaflFqqm1jkv%2FtI5ANWStHzbSd3BhckT6gJR59j%2FkdTyrucrJVnLKm5JTguCN0GuaqgzIKlvfTRh5%2BUbYX9jg9dS3P4sRDgSEGD9xKnjCTJKDiJsUVTGEKPIv%2Fg5PoyUcFc%2FFQaXLa4KY3cSg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44d9587b9b5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jVLjYwbpU3wBnbPh
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160074/3146// 		204 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160074/3146//pwt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.199 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86348de1e791583b0024b286f9fd55f1e9538f9ab142e0068282985fc70e3cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 01:07:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=149329
accept-ranges
bytes
content-length
63764
expires
Wed, 28 Dec 2022 16:00:39 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:19:25 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
746
x-amz-server-side-encryption
AES256
etag
W/"01691be6486b0003601b7299d35deebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
rJUL3qQcehbdRvh-9O0CO9eqARhK_TTDBxdIdZUwLhN3g5SrqhARVw==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
last-modified
Sun, 01 May 2022 15:58:42 GMT
server
nginx
etag
"626eae32-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1433 / 828 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Dec 2022 22:31:50 GMT
prebid4.15.0.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/prebid4.15.0.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Feb 2021 02:08:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
299409
etag
W/"602b2900-3117a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bjxjtzg2LFZHIfcVwMB5QVlBfWvrRa7MGCx9nhhqMzZvI3FZNXilVTifFm%2BjhjuhfQ22ZrLLpfzi%2BpEq%2Bn6U2yLhfDLWPDPb%2B8PMIloWWnVic5CQOZIMECcsJw96v6x9YYTc9ewC%2BgLPyqEUUm78M%2Fimv5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44d8dd542bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 22:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
270
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 00:27:20 GMT
aam.js
aamcftag.aamsitecertifier.com/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7200:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 20:40:16 GMT
content-encoding
gzip
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 12:12:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
21274
etag
"866e5e2d2bbc029b03dd3a94440e09f2"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
27410
x-amz-cf-id
ZZSoxAYQgaZE9AbAYGNEngfYw17rLmVmZBMD3CyINwGspxB8X4AKyg==
x-amz-meta-s3b-last-modified
20221117T120833Z
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
137610315b762c596611768205a6ac7d1be7994ebde09d2ee5ffbc7df0c6b463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
H_DBjLyHtSQKpl8EC9hwkYjUbJRxxFIz
Content-Encoding
br
Via
1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
Date
Mon, 26 Dec 2022 22:31:50 GMT
X-Amz-Cf-Pop
FRA53-C1
Age
23
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 21 Dec 2022 22:16:47 GMT
Server
AmazonS3
ETag
W/"d186d1e9b103777616918d39bb9a00c4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Vary
Accept-Encoding
X-Amz-Cf-Id
Fc1BusrbjNJsS4IxE8HN_iy02sFO3AL4UZcCgOuu0sYqYZ6D3hq9Bg==
loader.js
cdn.taboola.com/libtrc/oahu-staradvertiser/ 		383 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3f3f89541ce0ff35328d06acb9a4f637e8d8742e0409f71f0659481833f9380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
2ehgQtKWKkjLop9FuzRrSxI2pCX3SS9U
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:50 GMT
x-amz-request-id
XCXKGM2EHZNFG1G0
age
0
x-cache
HIT
content-length
32728
x-amz-id-2
qtaHQUazhlqx2xplqxqb0pUIDe+uJtayNdWl04R3XYjnU0wiy3b3FxpdV0Qy/ndgKQp3C734670=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:59:53 GMT
server
AmazonS3
x-timer
S1672093910.100809,VS0,VE189
etag
"bb7fa10d9ffda7b97aff40174446c33a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
70
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-74.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 07:42:28 GMT
content-encoding
gzip
via
1.1 4224c492a5822573d353a8fd476a5122.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P3
age
55542
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
R83FMyTh9ZPaicVmg2iwxRcW6M8lJVzoCH5QVNgx3OAdXPuHr5SyaQ==
gtm.js
www.googletagmanager.com/ 		139 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTV5NMZ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b67d675c7cd445c96844206a46b591e848c7b733d2f665b69c67c3ad4dbb3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54711
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Dec 2022 22:31:50 GMT
c13p8ejhds
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/c13p8ejhds
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8eeec1705de9d76b7f456543f65e771d4bfed0edf04c9d3df09dc8463240852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 26 Dec 2022 22:31:50 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
01iCqYwAAAAAPtfqUvGWKTb1US/7+XzVYRFVTMzBFREdFMDUwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bg-ad-black.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		60 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/bg-ad-black.png
Requested by
Host: staradvertiser.wpenginepowered.com
URL: https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bb57fd18280102ff97c27797d2fd0d36dfcbb0ce9560c3d9b3a092045cc143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
297048
cf-polished
origFmt=png, origSize=1035
content-disposition
inline; filename="bg-ad-black.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-40b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heOxLU69IYP0xhQvhOMd73VLtVin9Ht7mDf9XQ5Ro2dRoFpQn3FzyB2ZP8jOcFzl2QfrTAF7wGforMsMStZ1WTGHI7m7qaK%2BAl8zIWZrX9D9cDUkDb4GdNrFcjHdeBOFBJthCnmnfWJ%2BpqyFReX%2BrOliAOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d90d9b2bba-FRA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WFWWH931VNGVPKV3
age
312304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
NYGN2deybKwHqcTP9sjNZi5+zLjokX5/xrJ2GzDxlgyA7lXPBK8z9/37GtNas95CY2ky8Cuw8g/G+435ZupioA==
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyrJa2NH%2BAIOtBz%2B4rqE6PI7rVDB1B%2FmyDXFDPbJmSN%2BxWEnsj13RhzGmkEco%2BHUqJR3YgzzC8HAGykNTNjbYiRmOyF%2FwIq1Bv1TLZ99s%2BmH0wXgl0nDq4C8h3vqjco7UxLQ1zWjz1qbpr84fAC2K6YR"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
77fd44d91f362bb5-FRA
bg-ad.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		56 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/bg-ad.png
Requested by
Host: staradvertiser.wpenginepowered.com
URL: https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5004c313c6c0e1e0b4c52d9f3bdd40243c6bd8e5fffc697a45320adc9c7a8a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
297048
cf-polished
origFmt=png, origSize=15045
content-disposition
inline; filename="bg-ad.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-3ac5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCZpk91GVJmPXtjRS0VyHjiJ9pOwiNjAxPNfKU9O9QpQoV4dlLur0gA6f%2FzDL2ZBHC4OsY8QJiBpWj%2B68PpYbGcNjVPmmC4IyK0un0qsk31UoO0V3MO%2FSrrNJDTl23twBWYwJLO7mOhVWtFzmoms8qAzcfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d95dfa2bba-FRA
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f

Request headers

Referer
https://use.typekit.net/wsl8gsu.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34860
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
83641Y2HT3X8TGKF
age
312315
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
sdf4fKSP5RUz11xdCQ794d6S9jXmgBWJKI70481m09oSJlIq2eJijKT05SXoC5CiH9hIcRdLsy9NEb7RFR2SBQ==
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUA6JyjHojKP7FZtU3J3DFcXGBcw7r5vE6GED45JtoJSa4iu2IFWcIbPEFgtDmW3AO%2BuaVlTJpTixvOzVLhNxHEWcO%2FmWUl086WgbrfCF5C9uyC1zadEU1XMR%2BOSgIRgRzKwP%2F8%2BfSuDOA8ILQyH59G%2B"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
77fd44d95f8d2bb5-FRA
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8363A225V62R0F1V
age
312315
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12216
x-amz-id-2
Wkk6G9PEP89lqrYelVwskXnttNhZzoux+Ksji3NtmNpvKlF2Lrjpo1KfK2UdLZfvAwj7loizZVw=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxk0LJx1weQwXyTKtVh9jvqR7lLA2uoNPMT%2FvDPwwAHwKO1fcO0php8Q6nrHrCoPYN61SDyXz9Nu238gNsoP1Adh%2FTmoxpN3BYIE%2FsPKQY9yr9J5gr6q%2FzUz0LC3kLR3sVGOAqbT3%2BUQxfu9xp61GW%2BX"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
77fd44d95f8f2bb5-FRA
email-signup-bg2.gif
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/email-signup-bg2.gif
Requested by
Host: staradvertiser.wpenginepowered.com
URL: https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8ca82f682cc889fb3ef3e552efd4c0fbc3a09e44149463d4b1935417d8dcd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284841
cf-polished
origFmt=gif, origSize=16728
content-disposition
inline; filename="email-signup-bg2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14396
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Oct 2019 02:20:59 GMT
server
cloudflare
etag
"5da1388b-4158"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKSid89bvnRXc9CRf9qlufiYABkZ9pmb%2Bo1OFlMkKbd9SJlArJETRQfsCeeEPHGPD1hY7lDtl2mfkSWKIfGkRhBcR0bwWyInQTrbFGEiduNNRd1isBuV7lFQFdf9SlMHEC9vlPRUJsz1cVSbQ8vudAwLsjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d9be9e2bba-FRA
web1_13304828-b2d19c7a2f344c5985561cb0e9f47ca1.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_13304828-b2d19c7a2f344c5985561cb0e9f47ca1.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4facead78c5cfb9180834a9168ff231c489eb8ddde9857bf5f0018c91414f166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Dec 2022 21:21:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a8bee6-af4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJQ8LOS%2FZPcbJI5kAhqQXYUdq1gQx%2F%2FFwM8qKNP9cw1v%2BeGzaw4HKoeD2itklyt3eMqhgMz%2Br69NG0h9w0dudaxjDiVmPXy%2BiunVZWkuhwX5QZIL5PIXs1bOrE%2BX597TyLBlQV%2BY6dhTMGjstFs6Oi6mRP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d9ded62bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44877
web1_13304828-9fb204e945c24a4db12404cb2052028e.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_13304828-9fb204e945c24a4db12404cb2052028e.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90e0c1aacb9af071577d54eb0c7302d09fce198129f93d855766c7b937e8264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78018
cf-polished
origSize=120513, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
114703
cf-bgj
imgq:100,h2pri
last-modified
Sun, 25 Dec 2022 21:21:41 GMT
server
cloudflare
etag
"63a8bee5-1d6c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG%2FI2tgjhWjoEwW6NaVkSfsL8fXX9cd39yrXDP4xXgbU1uF59GUbjoU6jd3xEVgEKfheK7oUErt6uRSwkTrIkNg7jzJLDDcf1KNneZI8PapoNiK9tg4PC2xcAmI72lGurvFSokIZKXDCC0reJlH36%2B77FpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d9dedb2bba-FRA
loader-sa.jpg
staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/loader-sa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3442afe46e287931c137d51ca0843eca3aced172c68306492264af70341af38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
299410
cf-polished
origFmt=jpeg, origSize=27832
content-disposition
inline; filename="loader-sa.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1138
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-6cb8"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F72MXpfruIRHXIlVhmeaJZX%2F2sQ72pS3YJQuJEPFa1bLEqTiOeM%2F4AgWjMc4DqGgo8Y%2FtMfkCxoaDbQ2oEe%2B35Z3hLB%2F3fiELQkQtbIEWTPOwNradd5V7CPW06r19%2BSu19Ce4SgSTRCiVMlsny1WeXRKRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44d9dede2bba-FRA
hotdealshawaii
travel.payvibe.com/affiliate/ Frame DC76 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/affiliate/hotdealshawaii
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9ae211f099b1c4245b119e9fe65140d30eb2e2fda0c08c41aa4bb1216f77dd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
no-cache, no-store
content-length
2543
content-type
text/html; charset=UTF-8
date
Mon, 26 Dec 2022 22:31:50 GMT
server
Apache
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1657520
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwexRq6OFOHM39s8J6sTjlyLNIzVZA7%2FWkU3Q3XkKFzpJz8Xnm3G27nWzFMHH3prIvxScdhZRv2ZBIFHHX%2Bod1e6gUnV30K0k2Mrno8Jyj8Kr8Y1WgIByNLvPfYfIVT3XyeBVmFEfoQ9ER0IxAC2j7ev"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44d9fdde9bb6-FRA
expires
Sat, 16 Dec 2023 22:31:50 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma15446/988352900/2/
Redirect Chain
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1613
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
144 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b88007a74c504349058e7426f51eab20681dc27d871d34401cd08570e04df58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 16:11:13 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 20 May 2022 17:46:28 GMT
server
nginx
age
22837
etag
"22446afe5b2e160c4085229787c1a44a"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 06:09:26 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42777

Redirect headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
9-gc-euwest1-xgfw0940
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
77425
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
oUbjdwOo8UE3_N_6W0JNR0wce3tAUEZ3wMcXGE0QUoO2vmTKUgV_lQ==
expires
Tue, 27 Dec 2022 01:01:25 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-49.vie50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:22:33 GMT
content-encoding
gzip
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
VIE50-P1
age
559
etag
W/"61b8b8ab-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
xnRorXypEQVHy-w1m4cdy8UZXyHlK4oAB9plykrAAp2W0ltADz3kPA==
expires
Mon, 26 Dec 2022 23:22:31 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
04334803bf65d7d6636dc942d07f4a494ac42ce42e04f575a28284550f5a88ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:22:32 GMT
content-encoding
br
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2022 22:22:32 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
age
558
x-powered-by
PHP/8.0.14
etag
W/"2f14e99b009a7fdc1f3942acdcb9c914"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0C1268uukpO_cxTZGwh1JwGdoRYAO5GhEwZu_DlZH5Rh74ueZiG3Pg==
x-xss-protection
0
ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120;ip=178.162.209.139;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120;ip=178.162.209.139;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120;ip=178.162.209.139;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Server
34.204.208.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-208-160.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:31:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
Content-Type
image/gif
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Mon, 26 Dec 2022 22:31:50 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/html; charset=UTF-8
Location
/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7539417397242.767;v=120;ip=178.162.209.139;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 10:04:26 GMT
x-amz-cf-pop
FRA6-C1
age
44845
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
BP3pAQiouSQbzPFytefADEh6X7oZ4LNWsXcn2hQ8RGBt0Sxzi3LgcQ==
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
941
age
308350
cdn-cachedat
08/03/2022 13:22:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
de6283eed7ad9c38028e8c51816026d1
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
77fd44da4d2e2c03-FRA
cdn-requestpullsuccess
True
sa-style-2018.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3888dac327eba45d8835c6729259e4190cb79a303b903330434e000a4f8aa2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Nov 2022 00:49:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3965773
etag
W/"636d9c09-110c9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pJT%2ByG9NBmp%2Ben2CZ8GhZaFUEJaJu3ICuI5gvaQC4QXux1uPnySZkzkDlgdM%2BFzOHV0LXwE6wBrxZy%2B%2FYqfMeLXNG2H23qwl8XcUdKG%2Bs9t69n0u0ea%2FHVAJ%2Fw8Y7SELxDor%2FS8SItjy%2FFuvWV8AqUy6p0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fc39bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 26 Dec 2022 22:31:50 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6QQ6QHH4M4K3X4DN
age
312317
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FhYFD/tT4ZZLsz1xewRCalEbCUpRNHvPiLuyo66O7lqXY3V1TVSkjg0sfohejx3XNDk4Wa0Vao0=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXJCL5uuIgZV%2FlcT9xUyAZbzTLdHg8uKSf5rSLulKlCD20ozgUdI%2BXdkoP3aY0bei62p%2B06IoO%2FkPq28ZsahGJOgXnJEDUonF1clWwgLFEc5ITDiQx1g0cokgCoBaU6uYkfhbYXmWfLh35USeTHu6Iq3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
77fd44da28e62bb5-FRA
sa-jwplayer.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179176
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5O80geKy%2BFVkzVLjn1KP8%2FcgfODxMlPYR6zeAM7TzOMq7%2BgF5GkDJGIKW8l2wW4HMN%2FNF9V%2Fk8jspcX8nwWaQfYNU0rW6WLtDCzo8%2BMzVkLe4dNtQaF7rajW7fk022V8MgnmRQIKEXD9cBfri6wMeRZM4Ow%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fbf9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
common.cmd-hsa-minified.1569273721.css
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/ 		502 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.6
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4500907
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGiKumQ7hvYpYtDqCe62%2Fa45Yx1dXDQW3x0%2FyXiv%2BqznMom8VrFi3wy3zw2ZC9ko74QGlJG4%2BlP07dLKF70tRY3MkY0yrA9l2b8J1QXOfXe5iPNuVRyRFR7svyV5LN9eFlVsb7DWEgqrvNoDvQldmamTf5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fb69bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4502661
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J%2BRknNbjA024pJsZmxzZuY8U48OeZ8AyZSaT0IUZmyMdlWb5XrnOLx1OCBbDOxrXZKfjPhIpPU7M62%2F36xJUCfD9BMp55JN%2FPKCpTMVqAwF5PpGawiJrz45RzX8Mq76BnlTjbDKIpp4wt8LBBCqCZfmnn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fbe9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vfb-style.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6183330
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmjUAkMoqsgx3PGjaDF41%2Fo4i5yFmdT27wyDc0b4kiIvWdRLfb2g%2FqPyocTQGqNi73X57TXVms9w%2FjW%2FKAokDH%2B7Z9PN8s6UdSCz6x3lIsXsD0x4%2FCYpaCUDvmlU3jnqBYfUHdWCZeTBctfREnBxCS2UQko%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fbb9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		16 KB
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda1502552738a30410dfa20c72010e98342a5f466f2bee1c27b1e20c0ee83f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 22:22:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:50 GMT
genericons.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
424405
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cr1cWlRkkiGSUjoCsUO6VMKFaFOwwZ5DYeW2CYLr1MSHdgueEetMIidx0htSRVRkLVat%2Frc2zzK3HDoSK5Ax4vCyiqP1xAGq6dC14YtGZJJF%2BtxTDV0IirIOcoi7XE3qEPYhoY53sp8bBvIJbAORW7tGruQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fbc9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/ 		0
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6148767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5lAZoVRKIA8%2BrrY8I0da5YSc%2BReYmuIzvs27ZbLI8VPxjQw6yHqe%2F6HePdveC6lEAuAvkNVzVDH39V2M1QB6UlxXb%2FykZ4q7WK%2B41ZGrSSmzbs30UGRaxEtAgBwo8%2BrB%2BS6EZnPndIsREh5VZ%2FNzV%2Ft%2Fr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4fc09bb3-FRA
facets.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6178119
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSm0sPeMie5N4vuoGUexfBPbm1DI%2FWj6dBTjoUWiSt%2Fh4xJhzsEgn3LuVw4Nhsmb5GfxnWfo5mwF3N6AVgeICajMdcF3fcXtO%2F3s61J7uxxm34At%2BN%2FPggNE5yPyB7hTyltHZGOOBcFvJYdZdP0AeMbQt%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fb99bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
active_orders
origami.secure.ownlocal.com/api/ 		473 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=11d8bf01-4a0d-42f1-9c82-39f1b7726234
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
17490e610ac37320b382a5ef50440fdeafe1529832f2d832c039bb7ad0cf5469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 22:29:12 GMT
x-permitted-cross-domain-policies
none
age
158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
473
x-xss-protection
1; mode=block
x-request-id
18129406-f1c1-41c4-bd36-0732a4710f49
x-runtime
0.030736
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
etag
W/"17490e610ac37320b382a5ef50440fde"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
vary
Origin
cache-control
max-age=3600, public
content-type
application/json; charset=utf-8
active_orders
origami.secure.ownlocal.com/api/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=c46cf15d-1622-4157-8f3f-18b9a61946de
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
c8cc7233b0b8fec82cc44cc6745adfbe15ab94c63debabbe6b7ef299a3bde052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 22:28:51 GMT
x-permitted-cross-domain-policies
none
age
179
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
1; mode=block
x-request-id
d81cd1b5-70b9-4545-929a-c07108b0f8c2
x-runtime
0.032125
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
etag
W/"c8cc7233b0b8fec82cc44cc6745adfbe"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
vary
Origin
cache-control
max-age=3600, public
content-type
application/json; charset=utf-8
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		258 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=staradvertiser.com&domain=staradvertiser.com&path=%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd42e541ea810eed8c5e6401da8b36f64fb060e3e1dc8819c7c8cd5453d598af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
190
x-served-by
cache-fra-eddf8230028-FRA
x-timer
S1672093910.187241,VS0,VE97
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:31:50 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
941
age
308350
cdn-cachedat
08/03/2022 13:22:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
de6283eed7ad9c38028e8c51816026d1
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
77fd44da4d312c03-FRA
cdn-requestpullsuccess
True
sa-style-2018.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.92
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3888dac327eba45d8835c6729259e4190cb79a303b903330434e000a4f8aa2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Nov 2022 00:49:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3965773
etag
W/"636d9c09-110c9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8km0Ep1Apf5zp3D556lI50qsXiheJ4YN5tWQ%2BdsY0EXVZdLrY%2BYS7Wx%2Bs5onvwQKvHHgZcFcjMaYQu8dpca7jfNhfN1sppqif%2Bqm%2BBo%2Fn%2B0U62Wms3tAoooEzcNMlevwC%2FibHYgx1p5UgrpPf%2F04vIC1ho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fc59bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 26 Dec 2022 22:31:50 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6QQ6QHH4M4K3X4DN
age
312317
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FhYFD/tT4ZZLsz1xewRCalEbCUpRNHvPiLuyo66O7lqXY3V1TVSkjg0sfohejx3XNDk4Wa0Vao0=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FkX7zKduCyHPM64AE6vIyBnEXh%2Bl0dWIc9TpoQ9Lgk0nrj1HXZzY2DYJ0kjKzw%2FHdhJ1mpNlDTHeI1J5JZErZ3CB6xbbpNKyHmeW7Qp0G6XpQKdvm87d2JTH0pbvqO3ldT9OixuNHUmRibMWuLCuRCO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
77fd44da490a2bb5-FRA
sa-jwplayer.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6179176
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM312W3Fr1kCfsgjy0w%2B5tAypQUjSrmnSqHvWXiLwfQT3OU7wre0pIPWyiOsPZPiZeCmkvWepNUGI4xpTudaRxSbfMs6WCuQnYdybdMlukru0GmAGYZuNix%2FFAdE9nrznLF3C8JcaFg7rjXg0XqvcAqrkrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fc79bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
common.cmd-hsa-minified.1569273721.css
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/ 		502 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.6
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4500907
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRyMPnO0kVt9UVpBWV6tOu8CtwXPW%2BSJ9kSQTlyQUmioDtjThgjLZgH17PHcRbr91A6TxWCpzJ%2BFJPOLI0F4y%2BUWG9%2BcqJ%2B%2FUmZVMc7Wj4i3kKWcGX7ONnDi33GFyIIQjAwGNkDf35BVNAj5T1PghyJSDpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fc49bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4502661
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSI8ZTACty%2BYPGiyqbb4qHdt%2BpwDyB%2BQ7u3D26MNTN6i7UjYe31SKyzBiydYMFwHPp%2Bm5WdtLW4zLQrHrM%2BbQERTsnbTlouVDk14d44eyGOPj36BzJjhZ%2BPQ0k3p48Mz6bNazjHQLnoqGqv83FKnMzSaOas%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fc89bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vfb-style.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6183330
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZkuCOgP0s4jO%2BKYhxx9LOEDgphaMgfo3VIz%2BMqFw64KGxCxz0iY1C3%2B17MqqCVIBEvdambgRV8BvPQNle3Yi1ChibgujiqkIidjFxm0%2BRexLns2hNsupdEg1e0ID%2FWNpEhzYLVBvE2YiMM8V1b%2FwXUBrkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fca9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		16 KB
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda1502552738a30410dfa20c72010e98342a5f466f2bee1c27b1e20c0ee83f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 22:16:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:50 GMT
genericons.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
424405
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YHGJv9EAoS4YiAGDh09Ge%2BSREZ2f%2FbRt1K0ofmjihoTeky2JqXAl0dR%2BIubMn9%2FO4quosAZTOhD0lhUmh4vRRcXS2clYjQexh83hDjygGsj285REPeFxKzYeQF4vugEpuNUYmeeqzrwfXCGrA0DZNrMgUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fcc9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/ 		0
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6148767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMMGjkC5BYbXaGYkjlgT3qxtdcSoQSt54BYJLApTQi6qxdYc0dWx5iny8zoa7LhEWVrvMy%2FGW2wK%2BlFM6YJYIlRnA6DXC2QW8pqQKUCXlfoa6x4QWbUfnj3b0tuPB59oqT5waDy1obZ6SVEDz1RWO0ZFDks%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4fcf9bb3-FRA
facets.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6178119
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHKhvSRLNODlE9uLHUUa49KNzj338mU2bSYE2oD5SXHtc7Tgk0AHj54rFZ1cMr9BnXOWSegsnFk1Jrou22ULJuPL8I5JPFifTYTxlcISzr0GNSlcdF5cAM5P8zKzQXa7yoRvValySwlrZgrtl1PryCuMMsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44da4fd19bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
web1_20221224-web-kari-lake.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_20221224-web-kari-lake.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93d78e07c572b14f868f6c712065e90abd942c6a894a7ee128ac6775c43f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143392
cf-polished
origSize=51724, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51134
cf-bgj
imgq:100,h2pri
last-modified
Sat, 24 Dec 2022 19:41:52 GMT
server
cloudflare
etag
"63a75600-ca0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYp5l5%2BrpoWKSzbyULqLTVaPsUyBLq5u1vjo12BBsHYGtu1XYIEw0SKA1JTLjdpzvtgVc0m7ReQqSXS6jMLBUtazQil7cJng1eKJCNfd5KchJ%2Fw9YdzTPl%2BTZv%2BDl8D%2FfWh8SeGtQhCJg8yelUhjPfkOdDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4f8d2bba-FRA
web1_20221223-web-jan-6.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_20221223-web-jan-6.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6eb566e083229b91d0967a1790b398d4cdfb4a27725ee2979213ac0665c6729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
242183
cf-polished
origSize=99528, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96044
cf-bgj
imgq:100,h2pri
last-modified
Sat, 24 Dec 2022 02:06:25 GMT
server
cloudflare
etag
"63a65ea1-184c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj1iGO%2FE5qimzRUWvVLwZJLPSLic5HlQmzku2d89S6wMhHEF3Wn6XXv60FTS419c3GXdLvf6DL0dYZPySvPuuBu6QSntjDShGCFGFJIencSTY4W9GX5ceR%2B5Y4AMKOTqNUX4Jihr%2FsQmiqoXILv609TXdZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4f922bba-FRA
web1_13299322-508ef0851a424354b83eb4e89f5902f7.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_13299322-508ef0851a424354b83eb4e89f5902f7.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b71235c342c170e0d0b65ef65fe1e6d36a892f2c1dfff4c401ee15d0764af9b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257504
cf-polished
origSize=55774, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54684
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Dec 2022 21:17:06 GMT
server
cloudflare
etag
"63a61ad2-d9de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVfYjpfAZTLz5UrAY4iuRpM602E3C17DnUdvruM7oOtcyvXfJdbT1QAlDXVzBPWnMmyVA1sN9VSCKKtuLVIbDCnjQkoyJ3ZZ79kK%2FaBePzxM8BJ7Kromh5ZShwSYSRwVjMXb4AkZWOh02hOpjNcTRD1lHpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4f952bba-FRA
web1_13299257-9718366204c64afcb7a0a5010ff1cdd9.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_13299257-9718366204c64afcb7a0a5010ff1cdd9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
031e7d075d2fe43c93b3063addd2a481caebdc3abbfcc7bf0b5f5a832ebeaedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257503
cf-polished
origSize=60843, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60687
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Dec 2022 20:56:19 GMT
server
cloudflare
etag
"63a615f3-edab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DTF6UKWodISRLO3ItaziWMh4N7z5TDRStreWtpAHaNEftiis%2FdMS%2BCZPxqyrb%2BopW%2Bql7TJAjNBDsKi4RpChAymFGticXTdxCPBmjLapXAnUL0PfGF9icd7D2Nt9273RXNNXRRsCqYKt1b3ksqjDEdfhYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4f962bba-FRA
web1_13298985-ac49941e24ea4bb3bd498d3c8c3c1653.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2022/12/web1_13298985-ac49941e24ea4bb3bd498d3c8c3c1653.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6825c4238e7a12b3fb6584ca2ca23d32bf129bf287dc92b0aafa7f79213cdb5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Dec 2022 19:18:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a5fee9-d6e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn1mcFq9o5g9YF9Y7J8ErlRzHgPZmF%2F8CSKHYY4%2BWVdA%2FJNuxAtp4ityhcx69%2F64Zr6rP75UDsZcqtCTZqoLd%2FI68%2Fgt4HbB92f8k%2FiqDHsBw%2Fx3PMt%2BbuZyg%2B3fwUWelyD0z5rX2vQiJ4JAs17UrppQ%2Bt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77fd44da4f9c2bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55012
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&ntv_mvi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.114.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-114-227.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
319526b58010176ca296554be6189fd8ddd79301ff9942682ae390bf54e240f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
855
expires
Mon, 1 Jan 1990 12:00:00 GMT
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8041d92740953e5f3a16adfede92767d9e450f41b443027370629b33b2d6729f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Mon, 26 Dec 2022 22:31:50 GMT
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
SA-newsletter-icon.png
sa-media.s3.us-east-1.amazonaws.com/images/redesign/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/images/redesign/SA-newsletter-icon.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.130.90 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c851e58c318492d4f404559ad6cb21dd7e93595cf9273ec1bec1f85a0baa7ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
x-amz-version-id
ZFEHAtdHgcu2tx3Ki4ODLeeyKgBHff3S
Last-Modified
Tue, 29 Nov 2022 20:10:24 GMT
Server
AmazonS3
x-amz-request-id
T36K7RQZ834AQSXC
ETag
"5687ebfe865ae4f18cf0af43f5482e89"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6420
x-amz-id-2
i0v4DooHszfnZClr27LloyZP3x1YXFucj/ynylUrv3tSUV8AgUXMAIDNeaS3Z7vTnKGr3HbbtyA=
widgetinfo
p.cityspark.com/api/widgets/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9865&callback=jsonp1672093996485
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c8e7d76aa656c008cfa7b9fa30856bd4606592cdd380265189807929ad2193e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:50 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
fpc
at.teads.tv/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_12522&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:31:50 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 26 Dec 2022 22:31:50 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 17:27:30 GMT
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
18260
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
BJrYRDacUyOd-9gI2wyLg2tKEXSibyPXBRfybAlYC2MQjZRiCwiMqA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 01:09:39 GMT
x-amz-cf-pop
FRA56-C2
age
76932
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
DuMd4lKlCuvj4Cxj2dB3AT_I7d7NfLnezbJ8N7PPhxPInnQINIRZYw==
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:43:14 GMT
age
2916
x-guploader-uploadid
ADPycdsqGv6EhJAvXJS47SauB-URj_HIuvdqMmvFWLW4kAWNzo2Fv-YQSXGmxTnwKn4vMwkCOSlBD45Ez2DuSBOh1foIBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13741
last-modified
Thu, 19 May 2022 15:08:55 GMT
server
UploadServer
etag
"934d8a06422590627aef7e7ceaab66b9"
x-goog-generation
1652972935532544
x-goog-hash
crc32c=v7vAnw==, md5=k02KBkIlkGJ673586qtmuQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13741
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/html
expires
Tue, 27 Dec 2022 21:43:14 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:43:14 GMT
age
2916
x-guploader-uploadid
ADPycdsqGv6EhJAvXJS47SauB-URj_HIuvdqMmvFWLW4kAWNzo2Fv-YQSXGmxTnwKn4vMwkCOSlBD45Ez2DuSBOh1foIBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13741
last-modified
Thu, 19 May 2022 15:08:55 GMT
server
UploadServer
etag
"934d8a06422590627aef7e7ceaab66b9"
x-goog-generation
1652972935532544
x-goog-hash
crc32c=v7vAnw==, md5=k02KBkIlkGJ673586qtmuQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13741
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/html
expires
Tue, 27 Dec 2022 21:43:14 GMT
chevron-left-solid.svg
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		464 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/chevron-left-solid.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c326ccc1689a51d7804d727ca92782455b9fd94f67eaca14cabbb71b7c8eb51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
291606
etag
W/"5d893779-1d0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEBUajVn5ab3u%2FFI%2BcFiYrZ2eDXLo88nhlkXeHZWAH0ewna81Pf8xTiZLC%2BPiREGA5O%2BXdlf1Ltl7bqD6oqVcG%2B%2FmoHKje62x9r54HDFJUqPQq63aa6qfZ22hidAz4G8WFYJD5f928bTrVpKp7bLcoTEOzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44dd0bcc2bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chevron-right-solid.svg
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		509 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/chevron-right-solid.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98223037c7bfbf8695cafbfd041165f5d043feb38caa2b6f355d5a5523aa4eea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
291606
etag
W/"5d893779-1fd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEtBLgANMeVRDqiI6aFhvjLCZQhyJ%2FJPrn1%2BKCm0UB89IgSstVVveMcYa%2Fmim%2F279cDccORh7k8NLTSQQO85vjTuDTjEvbb67rPkGKQoQCz5wtyiCl1xQufMJX0aGKoyJ50t%2Bbgqw7MmLKQeVSaJkAb1y10%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44dd0bd02bba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1070775458&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&ul=en-us&de=UTF-8&dt=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=145517332&gjid=971514909&cid=1495739541.1672093911&tid=UA-16272709-1&_gid=937555741.1672093911&_r=1&_slc=1&cd4=Associated%20Press&z=1277165612
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
8ce3969a-e6ad-461b-b5de-f29b520093bb.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		219 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/8ce3969a-e6ad-461b-b5de-f29b520093bb.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc25b8e7820b55f33a1c2ffa97b4c7c6feecb81861849bb5a9b00eace1f4ee0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
TQn8PnjGSmq1Rxj_rTgMvwtA5fW88igd
content-encoding
gzip
via
1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:31:50 GMT
last-modified
Wed, 21 Dec 2022 22:16:35 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
16
etag
W/"c615bc376e4d073343e470ac7f12d584"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
EZCLzeNmkOX05VusTd6n66Jqd0x1yyM9QkTAIBQIUsJtl5joIkmxiw==
/
geoip.instiengage.com/json/ 		245 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.121.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-121-131.compute-1.amazonaws.com
Software
/
Resource Hash
6e79391c115046bbbaf82e7f9aa527597fb4e1bfd9f6ce4f1fcdc8b4f6fdb5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:50 GMT
access-control-allow-credentials
true
x-database-date
Mon, 26 Dec 2022 13:37:06 GMT
content-length
245
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame B644 		75 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
121
cache-control
max-age=300
content-length
75
content-type
text/html
date
Mon, 26 Dec 2022 22:29:49 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Thu, 15 Dec 2022 19:04:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
x-amz-cf-id
Yn-ptI8DnzjyFJVPkLY9Fvwm-Q6yWDeZ2-EiD5QxoTFtjtns5fgArA==
x-amz-cf-pop
VIE50-C1
x-amz-version-id
0B8BOtRm3TjXkbLwwelDKjJGGmWGWjpp
x-cache
Hit from cloudfront
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&u=CpepY0Dzblr_BPgUkJ&d=staradvertiser.com&g=48334&g0=Top%20News&g1=Associated%20Press&n=1&f=00001&c=0&x=0&m=0&y=4195&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&b=1978&t=hmH_hDh95veCTl2MSDgkVHEC5q3RH&V=139&i=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&tz=0&_acct=anon&sn=1&sv=C59rgPBaTTQlCZgCFoDqa5PwDUZbzn&sd=1&im=067b2fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-186.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1672093910672&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&page=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=206&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=8979f765-5602-4502-85a3-afd494c4b7b6&dtm=1672093910671&vp=1600x1200&ds=1600x4195&vid=1&sid=676c26d6-4982-4067-8860-db590f397f17&duid=d6c03779-5c04-4535-b856-7f7df3bfc830&fp=2816119557&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjE0OTU3Mzk1NDEuMTY3MjA5MzkxMSJ9fV19
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.111.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-111-28.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035032&cs_it=b3&cv=3.8.0.210223&ns__t=1672093910674&ns_c=UTF-8&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&c8=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&c9=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-74.mxp63.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 4224c492a5822573d353a8fd476a5122.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
x-amz-cf-id
AnPo55hVrhPlx4qBrLw5mqCpY9mBnprvA2318mqD5MTf7ZWSKFcgHg==
x-cache
Miss from cloudfront
teads-format.min.js
a.teads.tv/media/format/v3/ 		594 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5fcd41ae31209fd89836356458c60916d252e4f463b54ddbbce3faac9f901cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Thu, 15 Dec 2022 14:13:39 GMT
x-amz-request-id
6Y408TMBVDCGDZ06
etag
"15339442ae8f3f9c972f9ce6eef80959"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
f
accept-ranges
bytes
content-length
132771
x-amz-id-2
SKUaeexVijh7mk6F4Nk0u8x80bo0nCw/DuDaUe/zCREst4BsSElQmAO9nb69kGWXUYhjfi8tM+Q=
expires
Mon, 26 Dec 2022 23:01:50 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Dec 2022 16:41:06 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.74 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 25 Jan 2023 22:31:50 GMT
clarity.js
www.clarity.ms/eus/s/0.7.1/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c13p8ejhds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0zhCqYwAAAADeYhB8Db1dTqS5yP+7DiNWQU1TMDRFREdFMTkxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag
"1d913c18f6c839e"
x-azure-ref
01iCqYwAAAABBHoXVIA/0R6U3XwcxnRvbRFVTMzBFREdFMDUwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
/
geo.privacymanager.io/ 		30 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 01:05:19 GMT
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA53-C1
age
77191
x-amzn-requestid
ba0f645a-8efc-4f9c-866b-d82a960c3dea
x-amzn-trace-id
Root=1-63a8f34f-71fdb3b141c798bc1e7d772c;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
dur0dFT6DoEFp_A=
content-length
30
x-amz-cf-id
7M5v77PY_PBRs1VO_IvwZfKC_g8PgiImtJLRCqQX5NEu6W0-q1zuiA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Dec 2023 21:12:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		554 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d628b27ccfd384db645a68130bf7e4ca23383a73e6c309e1ed1b5298134d818e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:50 GMT
/
reporting.powerad.ai/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
223 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.188.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-188-247.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.188.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-188-247.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
prebid.js
hb.brainlyads.com/ Frame BCE6 		583 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3701842ac0a947553a0a1a6698b94c362693c57c231e0e45ae5768cc0bb48b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 17:27:37 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"638f7b89-91d51"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Mon, 02 Jan 2023 22:31:51 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame 5CBB 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7ac2548bd9a548fd2160dc94e6561af60ed276e0fda385d4ac62ec657cd4a83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 09 Dec 2022 10:08:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63930933-c45e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Mon, 02 Jan 2023 22:31:51 GMT
/
powerad.ai/pubPls/ 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.188.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-188-247.compute-1.amazonaws.com
Software
/ Express
Resource Hash
d7780c6c5f23dee63329b1fa81d5a04141d48e69179d40e12d0f4838d77a14f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"abdb-Oy+Q/pIdF0iD+TniEIwSwyCA9AM"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
*
impl.20221226-6-RELEASE.js
cdn.taboola.com/libtrc/ 		699 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221226-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fdb86507ce0ca5a143dd9cbf5b40d9b36460ccb16c94d36beb4ab8bf1d06e591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Kghn7gfFnw506OsSaJUl9LiikEnB9j10
content-encoding
br
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:50 GMT
x-amz-request-id
WA8FT9CVM1X8YE8C
age
3329
x-cache
HIT
content-length
148456
x-amz-id-2
RIk5XLyrN7HZvLgggfpPlT7sBDEhkcVx00rpKIvCaTEo7VXoprbVmj/h+sSaSgF5DM3934bAVIc=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:36:14 GMT
server
AmazonS3-br
x-timer
S1672093911.747262,VS0,VE0
etag
"22206e040bdd76773af86600cd0a7c75"
vary
Accept-Encoding
content-type
application/javascript
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7502
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 3C19 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:11:43 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1207
x-guploader-uploadid
ADPycduqEhFxxEyNKttMmWCyHI2MTDjpbEehwpYWzrqrzPVEVAtyjMm0qbwGWbGUkGYVshzId5boGhMg-EPBLkkEc0rUigHb5Hfh
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7832
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"237a4ebe61241032e24155753e2473f0"
vary
Accept-Encoding
x-goog-generation
1652972937602469
x-goog-hash
crc32c=3+hD/Q==, md5=I3pOvmEkEDLiQVV1PiRz8A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
7832
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Tue, 27 Dec 2022 22:11:43 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 3C19 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4682292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE9Pt5f8DzFzd7jKhIOt80TWZobA6daMH9KB8gK8un5Xx4WYNl0KapUlVras7zqPhI1CetGRWEfhPxuJOFr%2BpdHLUqN77y51%2FKoBOBK0wD3BUArujS2dNCAIdzTGcPGg2t0L2M0lssY4V73230bLnz0l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44de5c699bb6-FRA
expires
Sat, 16 Dec 2023 22:31:50 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame 3C19 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:02:56 GMT
content-encoding
gzip
age
1734
x-guploader-uploadid
ADPycduzts2J2zhoED5_CcWc6jNmDfz0ONamFuphoRKvDYF37vs6fuV_keB3TYZW2oNSgu24m7O5-S9Hn3BPuWNp6yWsrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-generation
1652124861687069
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
expires
Mon, 26 Dec 2022 23:02:56 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 3C19 		222 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Wed, 23 Nov 2022 13:29:04 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/108.0.0
server-timing
cache-fra-eddf8230072, PASS, fastly;desc="Edge time";dur=9
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 3C19 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6329041
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GFBN5H2TG5YBNDTRHYC7957E-fra
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44de9c58915e-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 3C19 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
26034340
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FX0CSMZFEA4Q7X2CB4Y50HH6-fra
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44de9c5a915e-FRA
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 4866 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:11:43 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1207
x-guploader-uploadid
ADPycduqEhFxxEyNKttMmWCyHI2MTDjpbEehwpYWzrqrzPVEVAtyjMm0qbwGWbGUkGYVshzId5boGhMg-EPBLkkEc0rUigHb5Hfh
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7832
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"237a4ebe61241032e24155753e2473f0"
vary
Accept-Encoding
x-goog-generation
1652972937602469
x-goog-hash
crc32c=3+hD/Q==, md5=I3pOvmEkEDLiQVV1PiRz8A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
7832
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Tue, 27 Dec 2022 22:11:43 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 4866 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4682292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI42Dfss2uRvdwPKs3OALu5hftmzClQjKQHkDw5KmlkD5nkYVYyNAefFiSzAOHBiDE4DNQL4VEQ1%2Ft7%2FAzr87sEt9pSmr4dUcH8pdXgpdlEsg0Ddi9tLv9BnLPbf7Dg%2Fn47I9Z544i48gjsQo0XaA1qX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44de6c979bb6-FRA
expires
Sat, 16 Dec 2023 22:31:50 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame 4866 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:02:56 GMT
content-encoding
gzip
age
1734
x-guploader-uploadid
ADPycduzts2J2zhoED5_CcWc6jNmDfz0ONamFuphoRKvDYF37vs6fuV_keB3TYZW2oNSgu24m7O5-S9Hn3BPuWNp6yWsrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-generation
1652124861687069
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
expires
Mon, 26 Dec 2022 23:02:56 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 4866 		222 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
last-modified
Wed, 23 Nov 2022 13:29:04 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/108.0.0
server-timing
cache-fra-eddf8230072, PASS, fastly;desc="Edge time";dur=10
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 4866 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6329041
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GFBN5H2TG5YBNDTRHYC7957E-fra
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44de9c5b915e-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 4866 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
26034340
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FX0CSMZFEA4Q7X2CB4Y50HH6-fra
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77fd44de9c5d915e-FRA
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16272709-1&cid=1495739541.1672093911&jid=145517332&gjid=971514909&_gid=937555741.1672093911&_u=YEBAAEAAAAAAACAAI~&z=1933796739
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1672093910812&cv=11&fst=1672093910812&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=hqBoCLnO39gBEI7O2NMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&tiba=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&us_privacy=error&uaw=0&rfmt=3&fmt=4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9ede13c9b09a65c03b8aa60eb04a9e77bbf5ba3f82ffcc8200c8b2468a564be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 26 Dec 2022 22:31:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KaEoC+kvS/D0tr6uSBzomV264spLsfetmEWwYbB6ieGewCcD/v4/XLE1D24q/siVe7DXdICjb7bSl804raU81A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
platform.js
insiderdata360online.com/service/ 		0
0
authIframe.js
auth.instiengage.com/auth/ Frame B644 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5t0c70ij2yH4_3abcxf5deINM.AIH7.i
content-encoding
br
via
1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:29:47 GMT
last-modified
Thu, 15 Dec 2022 19:04:33 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
124
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
lHEyI8WKqoHSTMnNzLDFAIY1FzV5ZEjCdDai9hFuBEKvihnaywoqAg==
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2901561&ntv_pl=1071098
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.114.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-114-227.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=b52977c7-43b4-4000-ab9d-da02aef77821&ntv_fl=W6Y2CVR50ABR51L5Wc0JfkQkUPWv6Fn2wPbH9oXuqhNDka-oEotCHtpcqoKO79bSf3HVeE3ky9VExywhAuPaeQqUc1ltrZhsEGvl3EPlxJD-QUhy4Irz-9w5-CsDsDlzZnEDLJzoTJ_SVf3KQ9roJAZHIHnajDawJ-IdGVGwnwB7N76h8265l_yyO7xlv17SyB2d-RLtIAn9Hm615wC-tMWkEhibgVxeHm-kic6vZa1v0Mb-_-_AxEP5mXqUH8J61NTk0KYKMMv467U3OwFvDQbQs8u63EImKru8ZJyV7TFbmOQZkdQlPnTEjHkau8zSiauKraSTJZje2Sk_RcQzow==&ntv_ht=1iCqYwA&ntv_at=303,302&ntv_a=AAAAAAAAAA-lcQA&ord=1672093910838&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.114.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-114-227.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1071098&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.114.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-114-227.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 00:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 00:11:08 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&artid=1212639&artpubt=1672003080&artupt=1672003080&auth=Associated%20Press&hier=Top%20News&ptype=Article&sec=Top%20News&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&tid=7620ce27-2cbf-48bf-b834-1b68d849c324&pid=2473dd71-f055-459b-8be8-da7975026c1d&dtm=1672093910865&qnm=_matherq&visible=1&tabid=6139f779-c1fa-405e-9ce2-8e0a8fc52872&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&vp=1600x1200&ds=1600x4839&tofa=1672093911&vid=1&lvidt=1672093911&duid=c5781a352b63e704&fp=983239506&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MjA5MzkwODY2NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMi43bWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiMTMwMSIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiMiIsImRvbWFpbkUiOiIxMSIsImNvbm5TIjoiMTEiLCJjb25uRSI6IjM5NiIsInNzbFMiOiIxMzkiLCJyZXF1UyI6IjM5NiIsInJlc3BTIjoiNTgyIiwicmVzcEUiOiI2OTIiLCJkb21Mb2FkIjoiNjY1IiwiZG9tSW50ZXIiOiIxNDM3IiwiZG9tTG9hZFMiOiIxNDM4IiwiZG9tTG9hZEUiOiIxNDQ4In0sImtleXdvcmRzIjpbIlBvbGl0aWNzIl0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTQ5NTczOTU0MSIsInJlZlRpbWUiOiIxNjcyMDkzOTEwODY1In1dfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-131-223.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 26 Dec 2022 22:31:51 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 4866
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
2235653
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34466
x-served-by
cache-fra-eddf8230085-FRA
x-jsd-version-type
version
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
age
4228328
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-eddf8230090-FRA
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame 4866 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
c045732f0e17636580911f03ccab68a8ed721be4
date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 23 Dec 2022 01:32:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA
last-modified
Tue, 04 Oct 2022 15:53:21 GMT
server
cloudflare
x-github-request-id
08C7:6031:B7BD69:BD1673:633C571F
x-timer
S1664899049.831625,VS0,VE2
etag
W/"633c56f1-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xHLn%2FI8%2FOqK%2F%2FkefiAeBURv9%2BPIi6EQx4X0J%2FAmJx7mBs8LGTPsNV%2FMkJtI%2FeTsaXnYUU%2Ftm9kQNdcOhIz%2FQ4qS5nLNUa8mcEjcGTg4uO0BhQSCZMFfQEpkBQ9Fg%2FjqFHR2OHGf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
77fd44df3d709018-FRA
x-cache-hits
1
css2
fonts.googleapis.com/ Frame 4866 		1 KB
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74efbff0c27e045056f906f4d7a37360ea2ea1e311feaf8dade53a0f9c46d228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 22:31:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:50 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 3C19
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
2235653
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34466
x-served-by
cache-fra-eddf8230085-FRA
x-jsd-version-type
version
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
age
4228328
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-eddf8230090-FRA
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame 3C19 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
c045732f0e17636580911f03ccab68a8ed721be4
date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 23 Dec 2022 01:32:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA
last-modified
Tue, 04 Oct 2022 15:53:21 GMT
server
cloudflare
x-github-request-id
08C7:6031:B7BD69:BD1673:633C571F
x-timer
S1664899049.831625,VS0,VE2
etag
W/"633c56f1-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2Bk25sPdcERu18jg1ybRul8yb%2FHaokCXV1vvTBuT%2B05MXmo3JjZ8W02zf1b1SSLHBnBEmFuh0YT5Gxy5%2FK4YENLcYesebFlvuzde22VOTshltRpflDDUe%2BG54bUjONCmeTopMNc5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
77fd44df3d719018-FRA
x-cache-hits
1
css2
fonts.googleapis.com/ Frame 3C19 		1 KB
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74efbff0c27e045056f906f4d7a37360ea2ea1e311feaf8dade53a0f9c46d228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 22:31:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:50 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		38 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7470&url=%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&charset=UTF-8&ch=22&ref=www.staradvertiser.com&viewerId=null&referer=&_firid=11275672
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
8e6df5b20cef8551e838121c53389ab182118024b88d5c3375b2a1efabc354ac

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
gzip
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
nodCEJl5jb5Pogs4pbZCulorKPN-yFyFN7Pn1WNEoaElMxdMBr_6-w==
expires
0
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2753
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-28
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3246cd52b60cfdac1fe2553ab75476a97b2e924f608ce011f854d01436baae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43573
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Dec 2022 22:31:50 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-28&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-KLPLN2M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77d3456fedbfda5bee75985a2999c2d7bc708588cd1480649e624ebd134ee686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43581
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Dec 2022 22:31:50 GMT
251
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&ref=
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.218.13.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-218-13-139.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
30e6c5d3a46a937c4eb84f8d48b4478c0dda0bc4b9ee37bb8e54c96ebdc4c134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
px.js
p.cpx.to/p/12967/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12967/px.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.159.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-159-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:50 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-16272709-1&cid=1495739541.1672093911&jid=145517332&_u=YEBAAEAAAAAAACAAI~&z=1769383495
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-16272709-1&cid=1495739541.1672093911&jid=145517332&_u=YEBAAEAAAAAAACAAI~&z=1769383495
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.insticator.com/json/ 		245 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
6e79391c115046bbbaf82e7f9aa527597fb4e1bfd9f6ce4f1fcdc8b4f6fdb5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:51 GMT
access-control-allow-credentials
true
x-database-date
Mon, 26 Dec 2022 20:52:16 GMT
content-length
245
vary
Origin
content-type
application/json
8327e681-1cb0-4dde-87c0-4dfaa61a0056
h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/8327e681-1cb0-4dde-87c0-4dfaa61a0056
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.55.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-55-30.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:51 GMT
x-amzn-trace-id
Root=1-63aa20d7-220e35b93c69c85d1f33f68b;Sampled=0
x-amzn-requestid
cc9c4fbc-67ac-4a90-8973-1cd1b44ea2d6
content-length
2
x-amz-apigw-id
dxoRqFdvIAMFb0g=
content-type
application/json
8ce3969a-e6ad-461b-b5de-f29b520093bb.js
df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		343 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/8ce3969a-e6ad-461b-b5de-f29b520093bb.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/8ce3969a-e6ad-461b-b5de-f29b520093bb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6c00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6fe20fcfdeb7726174fea4ce33c8e564964342ad5a16aea491725781eb98fd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 23:30:54 GMT
x-amz-version-id
3P4I19eba9JlRoTQ5_jVlzCmmTeQl6OS
content-encoding
br
last-modified
Wed, 21 Dec 2022 22:16:07 GMT
server
AmazonS3
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/"697001459900d054992c480403c47ec4"
age
82858
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4HA55SV6KTe1HjBZQKlhOefxhv3zxmMfMVDPfTlUt2QhmS0orS9gAA==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 02:17:36 GMT
content-encoding
gzip
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
72856
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
HVoB10DiP-Aza7isklNe17H3kCP3A3V9RjQHJEd934iPcMYvTppkYA==
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		127 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/8ce3969a-e6ad-461b-b5de-f29b520093bb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1870bed6fa3e0be6fe2ebfa6b43c0ea8645aa57af0ab31bc2a50dd2ebaa838ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Dec 2022 22:00:24 GMT
server
cloudflare
x-amz-request-id
F4HE3T2XN6WAEXXS
age
368
etag
W/"2efdd070378b508f8573efc3032bec7b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77fd44e13d94bbf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MNtoXpScvBAUdzyEh3DSElo/B7qUM3DtQtRZU7ptBlqRNoqgB3J3aDm/6zcHz0meSa8rgMQ0KkA=
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:51 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Mon, 26 Dec 2022 22:31:51 GMT
vary
Origin
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 3C19 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:35:57 GMT
x-goog-meta-goog-reserved-file-mtime
1652972837
age
3353
x-guploader-uploadid
ADPycds52aY8QH0zE1uP7ZgEZQGVF5lyU83pQ-FRvwb9vb96OZj9RD351w9kTJlgiwy5SD2UruvbDz6in2OYDVOzImXiOMRGguzJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-generation
1652972937647965
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/json
expires
Tue, 27 Dec 2022 21:35:57 GMT
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 4866 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:35:57 GMT
x-goog-meta-goog-reserved-file-mtime
1652972837
age
3353
x-guploader-uploadid
ADPycds52aY8QH0zE1uP7ZgEZQGVF5lyU83pQ-FRvwb9vb96OZj9RD351w9kTJlgiwy5SD2UruvbDz6in2OYDVOzImXiOMRGguzJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-generation
1652972937647965
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/json
expires
Tue, 27 Dec 2022 21:35:57 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&pid=BGjM3JGeazZOy&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1443757323385-10%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile1_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1449255182659-9%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile2_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1509425861841-8%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_300x100-1_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-24%22%2C%22s%22%3A%5B%22982x30%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_x15_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-39%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Top_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-56%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box1_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-70%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box2_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1509158663350-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box3_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-85%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Bottom_TopNews%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444965704525-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuBox%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1445920181141-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuTile%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1465867295375-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-events_TGIF%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228327e681-1cb0-4dde-87c0-4dfaa61a0056%22%5D%7D%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.173.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-173-232.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:50 GMT
via
1.1 a3fb887b85bc3a75e90f5fb430dac290.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
_gf6TlmyY6mpwa-gwCl2tOHxFqj_AdVB2bl8iRR1qxyadP_Xn-ab8A==
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=eeab6d58-1d9e-4a50-852c-c47a2260e1ce&pageId=57606&pid=62653&debug_metadata=IqwFJLRZ3N&fv=1110&ts=1672093911072&f=1&referer=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=eeab6d58-1d9e-4a50-852c-c47a2260e1ce&pageId=57606&pid=62653&slot=polymorph&fv=1110&ts=1672093911081&f=1&referer=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 26 Dec 2022 22:31:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ad
a.teads.tv/page/57606/ 		537 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/57606/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&page=%7B%22id%22%3A57606%2C%22placements%22%3A%5B%7B%22id%22%3A62653%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A760%2C%22height%22%3A428%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3A%5B%5D%7D%7D&auctid=eeab6d58-1d9e-4a50-852c-c47a2260e1ce&formatVersion=1110&env=js-web&netBw=9.9&ttfb=186
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
174b8a4581838bf6728436a947b4834141c5ad2f75246f262c9f0fd5ed51b8b5

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
362
expires
Mon, 26 Dec 2022 22:31:51 GMT
json
trc.taboola.com/oahu-staradvertiser/trc/3/ 		101 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/oahu-staradvertiser/trc/3/json?tim=22%3A31%3A51.136&lti=deflated&data=%7B%22id%22%3A427%2C%22ii%22%3A%22%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1672063180996%2C%22vi%22%3A1672093911133%2C%22cv%22%3A%2220221226-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F%22%2C%22vpi%22%3A%22%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4839%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3278%2C%22mw%22%3A760%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A3803.1875%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3506480fa60c69b5632eacc8a4d0f74200f60e9e199f8676dc734c84b18b09c

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
1028
date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230023-FRA
server
nginx
x-timer
S1672093911.143737,VS0,VE1028
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.staradvertiser.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ Frame DC76 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 21:18:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:51 GMT
app.styles.css
travel.payvibe.com/public/assets/ Frame DC76 		485 KB
151 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/app.styles.css
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2b44f4d765e7643bcefe03dde63dbda744b26b1f68a05533ad59cbf8469d01bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 07:56:03 GMT
server
Apache
etag
"79417-5ef2422b1d4ca-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-max-age
1000
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
x-xss-protection
1; mode=block
polyfill.min.js
cdn.polyfill.io/v2/ Frame DC76 		222 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Array.prototype.includes
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
last-modified
Wed, 16 Nov 2022 09:56:10 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/108.0.0
server-timing
cache-fra-eddf8230084, PASS, fastly;desc="Edge time";dur=10
accept-ranges
bytes
content-length
126
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DC76 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90f892f389371a0a530e62f11f1341a6a448f02e93c024d8514c28abc0d2b5f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27536
x-xss-protection
0
server
sffe
etag
"1433 / 27 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Dec 2022 22:31:52 GMT
app.vendor.bundle.js
travel.payvibe.com/public/assets/ Frame DC76 		2 MB
616 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/app.vendor.bundle.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1fe0b690882bce36903da7b121b6ec75f6a030ce72fd620aee8054af04599c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 07:56:02 GMT
server
Apache
etag
"20daf3-5ef2422a0312a-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-max-age
1000
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
x-xss-protection
1; mode=block
app.bundle.js
travel.payvibe.com/public/assets/ Frame DC76 		3 MB
772 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/app.bundle.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
41abf7a215264e21e0d6558488be5b7160ffa63b4dd7c393ddb0bdf14d8a1030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 07:56:01 GMT
server
Apache
etag
"3259f4-5ef24228ecc0a-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-max-age
1000
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
x-xss-protection
1; mode=block
0.chunk.js
travel.payvibe.com/public/assets/ Frame DC76 		3 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/0.chunk.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6ccd4f8b010a4f0deb1024863635a1fc2843c6bbdbc6c812b084c674f8a8d0f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 07:55:50 GMT
server
Apache
etag
"2dce91-5ef2421e6764c-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-max-age
1000
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
x-xss-protection
1; mode=block
1.chunk.js
travel.payvibe.com/public/assets/ Frame DC76 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/1.chunk.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
577259a6dadca32c7b759cd1c22b0a0bc6388c1745ca488cbf87d79b2e881906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-length
3750
x-xss-protection
1; mode=block
last-modified
Tue, 06 Dec 2022 07:55:55 GMT
server
Apache
etag
"2dd5-5ef2422361ceb-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-max-age
1000
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
2.chunk.js
travel.payvibe.com/public/assets/ Frame DC76 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/2.chunk.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.6.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-6-121.compute-1.amazonaws.com
Software
Apache /
Resource Hash
314bb10ccfc168b8e022b617ba569c7aaa615b95d247c5271998e791205f22cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-length
1313
x-xss-protection
1; mode=block
last-modified
Tue, 06 Dec 2022 07:55:50 GMT
server
Apache
etag
"b0b-5ef2421f00b6c-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-max-age
1000
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
api.js
www.google.com/recaptcha/ Frame DC76 		909 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c9b1a7370bb6f8396dc3f3acbd7065f02e473fcba1754ab42fddba74753bf8dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
1; mode=block
expires
Mon, 26 Dec 2022 22:31:52 GMT
/
tag.escalated.io/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.staradvertiser.com&type=display&cust=7470&sid=direct&c=&cust2=direct
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
796e14f00b37b26aae8694dc5abe10dca7e6b3e2c1f302f9704503f0629b5e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Dec 2022 14:31:50 GMT
Server
Apache
ETag
"134a3-5f05769b76180"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
30401
X-XSS-Protection
1; mode=block
1401480206566122
connect.facebook.net/signals/config/ 		298 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1401480206566122?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebe311bc510107b902125df35f6fb4da19997a01d0f47ef87d4ad4ed639333ce
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 26 Dec 2022 22:31:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87930
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UhOQZs3xeRdLAloIAV7zb1bTvu+SwdKe2OMnhUmqarGjNCzhYOhije0kbPV8NDTPro3bkblDFCMLdoGbpq9wHQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
debug
trc-events.taboola.com/oahu-staradvertiser/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/oahu-staradvertiser/log/2/debug?tim=22%3A31%3A51.130&type=usage&msg=rtus&llvl=2&id=1959&cv=20221226-6-RELEASE&lt=deflated&uuid=76b1eb20eb18dfde26c63a9e22284914367aa1cb6e2a690e96e034d062f702bf&dcc=1&file=rtus.js&method=injectRtus&position=ccpaApiFail&extraData=%7B%7D
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12292
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1070775458&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&ul=en-us&de=UTF-8&dt=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=378511101&gjid=1350228155&cid=1495739541.1672093911&tid=UA-137034616-28&_gid=937555741.1672093911&_r=1&gtm=2oubu0&z=2079621086
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-28&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 22:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
271
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 00:27:20 GMT
/
www.google.com/pagead/1p-user-list/712386318/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/712386318/?random=1672093910812&cv=11&fst=1672092000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=hqBoCLnO39gBEI7O2NMC&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&tiba=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&fmt=3&is_vtc=1&random=193690864&rmt_tld=0&ipr=y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/712386318/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/712386318/?random=1672093910812&cv=11&fst=1672092000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=hqBoCLnO39gBEI7O2NMC&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&tiba=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&fmt=3&is_vtc=1&random=193690864&rmt_tld=1&ipr=y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 3C19 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:36:01 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
3350
x-guploader-uploadid
ADPycdsb_55Sza0lvME8qTgccTY-FQ6sdLB3MKN12ofJzjKEKbE0UlM4GtfTo1LQ8cQZJMhOAWBMz9X2w9WD-KCtfeN8np4yypr3
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32473
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"0447f5ed525529565dc5e920e8d77e31"
vary
Accept-Encoding
x-goog-generation
1652972937548329
x-goog-hash
crc32c=HUbaKQ==, md5=BEf17VJVKVZdxekg6Nd+MQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32473
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 27 Dec 2022 21:36:01 GMT
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 4866 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:36:01 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
3350
x-guploader-uploadid
ADPycdsb_55Sza0lvME8qTgccTY-FQ6sdLB3MKN12ofJzjKEKbE0UlM4GtfTo1LQ8cQZJMhOAWBMz9X2w9WD-KCtfeN8np4yypr3
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32473
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"0447f5ed525529565dc5e920e8d77e31"
vary
Accept-Encoding
x-goog-generation
1652972937548329
x-goog-hash
crc32c=HUbaKQ==, md5=BEf17VJVKVZdxekg6Nd+MQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32473
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 27 Dec 2022 21:36:01 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9B42 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
607afa7be91b1d5e9c10ddd97e3729db1d6a355f27df777b95bf1fb6d4c7b510
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_W3DfxC4_ryqjEsUhPCFTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22151
content-security-policy
script-src 'report-sample' 'nonce-_W3DfxC4_ryqjEsUhPCFTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame E727 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c307e659f9415d5f1ae54b40485d7672a313d1b7dac22a2172f428fd610d394
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WSdKTT5A_yNgsanDMOI4vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22098
content-security-policy
script-src 'report-sample' 'nonce-WSdKTT5A_yNgsanDMOI4vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137034616-28&cid=1495739541.1672093911&jid=378511101&gjid=1350228155&_gid=937555741.1672093911&_u=aEDAAUABAAAAACAAI~&z=124835203
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
d.clarity.ms/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:50 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
fire.js
s.cpx.to/ 		832 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12967&ref=&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&hn_ver=40&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&dsp=pub_common&dsp_uid=8327e681-1cb0-4dde-87c0-4dfaa61a0056
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.110.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-110-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8a3f600455321c84a575b6ad092eaf3ba924126c8ef7a5e546743ba30d926a1b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Date
Mon, 26 Dec 2022 22:31:51 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
832
Expires
Thu, 01 Dec 2022 16:20:19 UTC
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Mon, 26 Dec 2022 22:31:51 GMT
vary
Origin
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&pid=BGjM3JGeazZOy&cb=1&ws=1600x1200&v=22.1213.2134&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_1%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-1%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_2%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-2%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_3%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-3%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-4%22%7D%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.173.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-173-232.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
via
1.1 a3fb887b85bc3a75e90f5fb430dac290.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
DQemV-l8-U_6uCZFgzGLNkMAs5V2Im4qcIjqvLghnu3Ps-ELIvnZxA==
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:51 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=162625252238268&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1231134253&didk=570410235&sfv=1-0-40&prev_scp=h%3D22%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672093911376&lmt=1672093911&dlt=1672093909331&idt=1663&adxs=1024&adys=2319&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=300x560&msz=300x-1&fws=0&ohw=0&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a79e6140f98d1a05f5fde9318d255561809578607d15ba449c9984043c21494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20946
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407353383
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=2224584904906985&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2233527209&didk=570410234&sfv=1-0-40&prev_scp=h%3D22%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672093911382&lmt=1672093911&dlt=1672093909331&idt=1663&adxs=1024&adys=2599&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=300x560&msz=300x-1&fws=0&ohw=0&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe143d0d94b59105d42f7bddd9dcbbea11172382c5058cb423cf5ec1092350f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11863
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=4483309953531855&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=221817293&didk=570410213&sfv=1-0-40&prev_scp=h%3D22%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672093911386&lmt=1672093911&dlt=1672093909331&idt=1663&adxs=1024&adys=3927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=300x342&msz=300x-1&fws=512&ohw=0&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11c95139a144d8cc9665f49560d9a2f46be22a48ef25b0eace51fd0a72210738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12430
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=848518941119121&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=613459873&didk=570410212&sfv=1-0-40&prev_scp=h%3D22%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672093911389&lmt=1672093911&dlt=1672093909331&idt=1663&adxs=436&adys=4657&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=1350x142&msz=1320x-1&fws=0&ohw=0&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c22cadcff55ecdb2e35992dd88e4f70223147187a8d08db59385d39486d86d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12218
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 280A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Tue, 26 Dec 2023 22:31:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame E727 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 16:18:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame E727 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 00:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 00:11:08 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 9B42 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 16:18:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 9B42 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 00:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 00:11:08 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4682921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Beqf5A%2Bz0ZVYAyCgAvSvX1M0FYKWmeCq6lY989FIY5dPigQssa3y3DF527A%2FJNGZfe8ZTAnkIniVFGb2lCMim2X6IyJL5kft7PtivjvTIk86725j4XLjPtBWPpahcqhZ%2B0Pd%2Bki0u0sHct1NfqxohvN4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44e26ce4900d-FRA
expires
Sat, 16 Dec 2023 22:31:51 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:521 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948c0162"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61870
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-25.vie50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 20:23:38 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, VIE50-C1
age
7693
x-amzn-requestid
4fa43ea8-0c96-418e-bd49-59e5946c29c1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
dxVftEAsCYcFgpw=
content-length
555
x-amz-cf-id
R-ScMAAod_O-YeASf2Yq7fTPga8szEPK3RYz9LtGy6HjfMSFPwjNyQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-41.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 01:01:59 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
77392
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
HZt4KSvBt5_5fgvxwRFnwLdteLFdzK_iXrKRHd6x_Tc74BtOpE8cQg==
%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F
signal-segments.s-onetag.com/desktop/www.staradvertiser.com/ 		724 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.staradvertiser.com/%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-70.fra56.r.cloudfront.net
Software
/
Resource Hash
7f3e9042644de7927aba8840723a2dcd9739a922cd7d2f0f114b75f0fcb04dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
724
apigw-requestid
dxoRthdHCYcEPMg=
x-amz-cf-id
5RZZTl_PA2mo7sXjSxwAhcDhEWQSuECADleZ4W5Kx6UAIA73NfaZBw==
www.staradvertiser.com
signal-segments.s-onetag.com/desktop/ 		24 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-70.fra56.r.cloudfront.net
Software
/
Resource Hash
bb65d5129b58fa5e0213ff8fd034dda13a5815f1b1191eb97856aadb23a305e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 02:14:16 GMT
content-encoding
gzip
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
73055
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
M-0vndvEZUSAqvc2gFRAVUHKBzxocOKZn5i3bOSBw0EVHVHGrNHOdg==
apigw-requestid
du163jL2CYcEa5A=
latest.json
origami.secure.ownlocal.com/origami_configs/ca847b68-1298-4703-9a3e-8820483a43e4/ Frame 3C19 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/ca847b68-1298-4703-9a3e-8820483a43e4/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4747c70c3d82f36d872237275278f73f798a304356080654a6e45f7065059c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
x-guploader-uploadid
ADPycdtQiC8oon2qq6m_snCxr8psyh-tKfS6m-RE6ypsbM253M1DlvGEp4TCPd31rzfppzD4fyOmA8xSuE7clTYagPQt7bx17SPs
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ca847b68-1298-4703-9a3e-8820483a43e4
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2217
last-modified
Mon, 26 Dec 2022 07:32:29 GMT
server
UploadServer
etag
"83e2b5e02ce3c4b7a159f55144b35124"
x-goog-generation
1672039948957003
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=PYrolQ==, md5=g+K14CzjxLehWfVRRLNRJA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2217
accept-ranges
bytes
expires
Mon, 26 Dec 2022 23:31:51 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/b117c9a7-c438-41bc-a897-2f918985122a/ Frame 4866 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/b117c9a7-c438-41bc-a897-2f918985122a/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4504a05d2bb638330e8bc5282421961c1822f95d6ecacf564824c0e63805456c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
x-guploader-uploadid
ADPycduKF_P6ttBoclqanxuR4MF2cEBrsMgp2DqNqmLBlO7zyFKt_E7JgKha30VI-xVQRTZmpNyoPgTKYRyvTqlMaZJHCjvO2wPE
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
b117c9a7-c438-41bc-a897-2f918985122a
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2301
last-modified
Mon, 26 Dec 2022 07:32:26 GMT
server
UploadServer
etag
"b6687d5533fbbdf37e2b19401c95e797"
x-goog-generation
1672039946097807
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=v1mJ7g==, md5=tmh9VTP7vfN+KxlAHJXnlw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2301
accept-ranges
bytes
expires
Mon, 26 Dec 2022 23:31:51 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
5D8WAN8G73GBZH45
age
447902
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77fd44e29d37bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
go5Qfjv3RzTg49IVkJ9mGyUrz31FeO9RxHJ2RQW0ZBjHDNInM0sWq5zm8+ZpzU3/xjlyKPDnHcY=
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&rl=&if=false&ts=1672093911456&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672093911454.828766883&it=1672093911213&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 26 Dec 2022 22:31:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E727 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
355902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 29 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E727 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:20:58 GMT
x-content-type-options
nosniff
age
306653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 09:20:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E727 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:15:01 GMT
x-content-type-options
nosniff
age
346610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:15:01 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9B42 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
355902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 29 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B42 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:20:58 GMT
x-content-type-options
nosniff
age
306653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 09:20:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B42 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:15:01 GMT
x-content-type-options
nosniff
age
346610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:15:01 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E727 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=40glgfe7wcoz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 26 Dec 2022 22:31:51 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713
  • https://s.cpx.to/ca.png?dsp=dbm&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&google_gid=CAESEFvzG_uyrC9NM0hnYzl_8Gw&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&google_gid=CAESEFvzG_uyrC9NM0hnYzl_8Gw&google_cver=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Server
34.252.110.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-110-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Date
Mon, 26 Dec 2022 22:31:51 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/ca.png?dsp=dbm&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&google_gid=CAESEFvzG_uyrC9NM0hnYzl_8Gw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De203feea-5a0f-48c9-aa6e-91eb1fb96713
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De203feea-5a0f-48c9-aa6e-91eb1fb96713
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B81A9662-136D-42F9-BBF5-8EF5985BA510&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B81A9662-136D-42F9-BBF5-8EF5985BA510&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Server
34.252.110.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-110-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Date
Mon, 26 Dec 2022 22:31:52 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
Expires
Mon, 26 Dec 2022 22:31:52 UTC

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B81A9662-136D-42F9-BBF5-8EF5985BA510&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713
date
Mon, 26 Dec 2022 22:31:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.staradvertiser.com%252F2022%252F12%252F25%252Fbreaki...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12967%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.staradve...
  • https://s.cpx.to/an_fire?app_nexus_uid=4079998900732099964&pid=12967&ref=&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-...
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=4079998900732099964&pid=12967&ref=&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&hn_ver=40&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&dsp=pub_common&dsp_uid=8327e681-1cb0-4dde-87c0-4dfaa61a0056
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Server
34.252.110.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-110-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Date
Mon, 26 Dec 2022 22:31:52 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
Expires
Mon, 26 Dec 2022 22:31:52 UTC

Redirect headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a5070a08-c00a-4aa2-b212-723c52b33133
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.cpx.to/an_fire?app_nexus_uid=4079998900732099964&pid=12967&ref=&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&hn_ver=40&fid=e203feea-5a0f-48c9-aa6e-91eb1fb96713&dsp=pub_common&dsp_uid=8327e681-1cb0-4dde-87c0-4dfaa61a0056
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-25.vie50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 20:23:38 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, VIE50-C1
age
7693
x-amzn-requestid
4fa43ea8-0c96-418e-bd49-59e5946c29c1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
dxVftEAsCYcFgpw=
content-length
555
x-amz-cf-id
8xGNG6NrjgiB4-3rp8ZJKAvos4UIWhH2xSSnKtRLlmTLrLger3vHQg==
post
tag.escalated.io/ 		31 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4b23cd1848a8d29e9668a512596f71c68c367b3916040f76a13d4a4ae7198ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 26 Dec 2022 22:31:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:54:40 GMT
content-encoding
gzip
age
1561031
x-guploader-uploadid
ADPycdt6iN4_QwReAjSC_LRG7vKFAXTDxCKMV2GXbUWI2CZkbUxvp16CdJB4GM5IU0zxTYK5GU9096eqDzRaDtbKrSxd5sgqSB-S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:54:40 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
BBBA0A3QDQ1HWH2T
age
3558
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77fd44e46e32bb91-FRA
x-amz-id-2
ifirG6OKyiUb0CDm3Pp6NFXSRsipT+RfZA795jySpk4Hznc40wDcE3MyvtCBhb4h+QHIekyQ8Ho=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:31:51 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 06:30:00 GMT
content-encoding
gzip
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
57712
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
_9IMjCBNQC1mMLswGXI_UCFBDbhWnoLWqwUc9D7i1Kbztx_hKuUplg==
container.html
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC42 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Tue, 26 Dec 2023 22:31:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1070775458&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&ul=en-us&de=UTF-8&dt=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1969r3n&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=1495739541.1672093911&tid=UA-16272709-1&_gid=937555741.1672093911&cd4=Associated%20Press&cd2=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fc13p8ejhds%2Fxuxt46%2F1969r3n&z=735467019
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71360
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 198D 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2403
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
t0R7BC-z61Teq_0C2J8R36l4ijV89daJZHdQp4XQDSE11sGJtloYyA==
view
securepubads.g.doubleclick.net/pcs/ Frame 198D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjwnksSZhB6VPCH8xgs6sF1Z9Ahs0r3bUU0n5OBKH_vEd6_o77CC48lRfdqmnBrC9teEpo90HXS25Jzrdb2YfTOXNUULn1ZBWiW0XetBTLXdTwVQ6Faj8VWe2g0i7smBEaqUXWBAVwKkhLo2zpZ1_1yN8CYEHYus6UEwdqd8knTFsUlXAb5ImYuVTVdJPHZKsJbDTYNViYw-nbwbJRE7Rh4kyBMl0Iyys7SqVhgz_sIvJoR-Ue_8UcdfFzVQkTjEkO2FtH1D4CUNMdbQWNp78rzGzVBLYtOmv_gM2PYaQFn9KKk6QxzDEVptj30L0OFMP_jmhVIvf6yNJrcaJDg9CcLB3PSJ7ZGp1z6A&sai=AMfl-YQInu4LWcl0hRejsgBG2RTtdVZNg5JA4igANyTWWTRaOx1FBj1iOJr1N8ncu922pmmaND4ForMuh8k-q2uRObGd-sHBqV41ERekOd7DWlDeyo0xhJUPQhy3oqoxm2Bj&sig=Cg0ArKJSzPKBbZL4_IdFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 198D 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 198D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
l
www.google.com/ads/measurement/ Frame 198D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQK-em40L3WuCgQqmtxtNWk6NMYsxcdzdvRFGgGJFBde81z-EPJyTrKNnaqOtlWpeH6gLQoPBEXw8GlMjohABakGEbcQQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 198D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:51 GMT
7205033373431131786
tpc.googlesyndication.com/simgad/ Frame 198D 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7205033373431131786
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9047516bbaae555f81da45031d25c49218cca7cd25080455c21e3fb6b8d2bd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 22:29:11 GMT
x-content-type-options
nosniff
age
259361
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32440
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 19:50:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 22:29:11 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9B42 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=36v04u5a7qbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 26 Dec 2022 22:31:51 GMT
container.html
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Tue, 26 Dec 2023 22:31:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 276B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Tue, 26 Dec 2023 22:31:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=3163458127405956&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Footer_ROS%2CSA_INT_TopNews%2CSA_InContentAd_Archives%2CSA_InContentAd_Archives2%2CSA_INT_Gateway-Sponsor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=5&adks=3405204822%2C4050823432%2C2308155245%2C1442998568%2C1052146423&didk=2795815272~3238883343~3641204005~2802823851~3135847618&sfv=1-0-40&ists=25&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3Df331695c6dc12b2c%3AT%3D1672093911%3AS%3DALNI_Ma5hPQ3nVcqHDgnu9hrZKfj0rOxag&gpic=UID%3D00000b99026d4273%3AT%3D1672093911%3ART%3D1672093911%3AS%3DALNI_Mab9hpat4azlL26VvvV-EP84Z-jLw&abxe=1&dt=1672093912001&lmt=1672093912&dlt=1672093909331&idt=1663&adxs=-9%2C0%2C215%2C-9%2C0&adys=-9%2C0%2C2458%2C-9%2C40&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C5%7C-1%7C0&ucis=5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C760x1572%7C0x-1%7C1600x4998&msz=0x-1%7C0x-1%7C760x0%7C0x-1%7C1600x0&fws=2%2C512%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpZXBhNUwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKWVwYTVMEgAUgIIZBIUCgVvcGVueBillcGE1TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKWVwYTVMEgAUgIIZA..
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c2accee746a239bd9ecda96c3cf60b376718a6a7b603bf7df97197748320349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		196 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=1337811290208820&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Tile1_TopNews%2CSA_Tile2_TopNews%2CSA_300x100-1_TopNews%2CSA_x15_TopNews%2CSA_Top_TopNews%2CSA_Box1_TopNews%2CSA_Box2_TopNews%2CSA_Box3_TopNews%2CSA_Bottom_TopNews%2CSA_MenuBox%2CSA_MenuTile%2CSA_Box-events_TGIF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=300x100%2C300x100%2C300x100%2C982x30%2C728x90%7C970x90%7C970x250%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C300x250%2C300x100%2C300x250&ifi=10&adks=475713261%2C3145813748%2C2829085417%2C633424822%2C3802804222%2C1665226289%2C2303525361%2C801128149%2C4236930861%2C3123340506%2C1463211416%2C3217711606&didk=2648660~1681246200~2780311623~3506187507~3506187352~3506187413~3506187742~1813085483~3506187700~677057241~724029500~1345779972&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3Df331695c6dc12b2c%3AT%3D1672093911%3AS%3DALNI_Ma5hPQ3nVcqHDgnu9hrZKfj0rOxag&gpic=UID%3D00000b99026d4273%3AT%3D1672093911%3ART%3D1672093911%3AS%3DALNI_Mab9hpat4azlL26VvvV-EP84Z-jLw&abxe=1&dt=1672093912005&lmt=1672093912&dlt=1672093909331&idt=1663&adxs=1159%2C140%2C1024%2C309%2C436%2C215%2C1024%2C1024%2C436%2C-975%2C-975%2C-9&adys=102%2C102%2C2881%2C59%2C247%2C1258%2C290%2C3805%2C4468%2C2542%2C93%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C6%7C0%7C0%7C7%7C0%7C8%7C9%7C10%7C0%7C-1&ucis=a%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=337x100%7C337x100%7C330x14%7C1600x4998%7C1350x64%7C300x27%7C330x14%7C300x562%7C1350x72%7C350x-1%7C350x-1%7C0x-1&msz=300x-1%7C300x-1%7C300x14%7C1600x24%7C1318x24%7C300x27%7C300x14%7C300x264%7C1318x24%7C300x-1%7C300x-1%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C516%2C516%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C350%2C350%2C0&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpZXBhNUwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKWVwYTVMEgAUgIIZBIUCgVvcGVueBillcGE1TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKWVwYTVMEgAUgIIZA..
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0e9c85a3ca4e2c0bdc63caa3eb10f5ba675924cd40ef54284ae14e5aa11d54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32058
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,6134321741,4901051034,4837391996,5452073407,94601305,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,138408479821,138258016293,138307415909,138324202571,138226966836,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 21:14:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Dec 2022 22:31:52 GMT
O-Y8B-Sg4k2ciJNjP_aCeA.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		348 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/O-Y8B-Sg4k2ciJNjP_aCeA.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b6ce3a8ba9b2b8e453f4f0b22f9a7b6e9150a9f6a3a23f48a64db5bc7d0cd2b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Thu, 08 Dec 2022 00:51:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OQbO66SzE7Io1qS0tKyPeg==
ETag
0x8DAD8B666242C38
Content-Type
application/octet-stream
x-ms-request-id
e73cf3a6-e01e-0023-2d79-19a772000000
x-ms-version
2009-09-19
Content-Length
356489
dwoUTuBwR0iRZARq7gQufw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		286 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/dwoUTuBwR0iRZARq7gQufw.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1b51cda29b67de66c6e1f4162f1658593331aa5969277734b302718847590049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Sun, 20 Nov 2022 01:43:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
/b4ytS7/ItKpaMDyOMLtoQ==
ETag
0x8DACA98A0A126ED
Content-Type
application/octet-stream
x-ms-request-id
3a445398-d01e-0007-2e79-1951d2000000
x-ms-version
2009-09-19
Content-Length
292455
_JLzkfGW8kyiGBq6UHEckQ.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		256 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/_JLzkfGW8kyiGBq6UHEckQ.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0a9980a169c8d00f1d15cf550a0042f66830dc82087fbbd1c072e9aef393d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Sun, 20 Nov 2022 01:43:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IFt5inC/Tdpy8q6Aeu6atw==
ETag
0x8DACA98A0010835
Content-Type
application/octet-stream
x-ms-request-id
eaf9984f-d01e-004a-4579-199e3e000000
x-ms-version
2009-09-19
Content-Length
262114
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
TRv5Rq3VL0C41hYUg1Lasg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/TRv5Rq3VL0C41hYUg1Lasg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a67d8b1be1469e2cb3009f299cffc29ab1aca247cfa9d4ecb57402c82091175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Thu, 09 Dec 2021 06:08:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QbV1gLoAweIxgsfAlpqW4Q==
ETag
0x8D9BADA456B906B
Content-Type
application/octet-stream
x-ms-request-id
cb1ad232-701e-007c-0e79-19134e000000
x-ms-version
2009-09-19
Content-Length
44012
4L0D9zf1-0a1Yp0ZY5GSVQ.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4L0D9zf1-0a1Yp0ZY5GSVQ.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3a24d835e837f850eaf35472bf6fb2d43f7ab7532ab10fc652f583588391f8c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Fri, 29 Jul 2022 10:49:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
HrzunSsqGFJDczNEv6U69Q==
ETag
0x8DA7150043A7DD3
Content-Type
application/octet-stream
x-ms-request-id
7a04868c-b01e-0073-4c79-196522000000
x-ms-version
2009-09-19
Content-Length
24127
d8f77fdd-b2d4-4d84-80e8-8ff36eca0696.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d8f77fdd-b2d4-4d84-80e8-8ff36eca0696.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
72974943012965be283095b6d26136f4a0f9c2cf9a89f4378ba72fecca61fe1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Wed, 08 Aug 2018 05:16:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5JszBxiBdQdvOLMCGawp9w==
ETag
0x8D5FCEE111CE41B
Content-Type
image/png
x-ms-request-id
84eef2b7-601e-005f-0379-19898d000000
x-ms-version
2009-09-19
Content-Length
150876
5b1f1632-1a8b-4263-a681-6913b4782ae3.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5b1f1632-1a8b-4263-a681-6913b4782ae3.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
76680f0b92772b6ba927017c9f33634a545bac31dd25c6557a0458009d07f504

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Thu, 01 May 2014 11:20:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
H5ZdybRyUkmj1T0uphVosQ==
ETag
0x8D133467778FFE4
Content-Type
image/png
x-ms-request-id
cb1ad2fa-701e-007c-3e79-19134e000000
x-ms-version
2009-09-19
Content-Length
125097
567zFuO09k-e5TX9RfMIdQ.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/567zFuO09k-e5TX9RfMIdQ.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
577c42b9cf57672a5b63ef537021a77ce5bd9947e73f3f7c32f7904469159c30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:52 GMT
Last-Modified
Wed, 07 Dec 2022 06:06:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ltyQtO9oPdmsx+tC3ZrbSQ==
ETag
0x8DAD819342B3ABE
Content-Type
application/octet-stream
x-ms-request-id
7a04871b-b01e-0073-4c79-196522000000
x-ms-version
2009-09-19
Content-Length
283661
8367e33f-35e5-4ad1-962d-167521b8540f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/8367e33f-35e5-4ad1-962d-167521b8540f.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
171da8585ed56e45c58b3352d0a6b7daee0995299d226b4415420a47b74ead3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Fri, 18 Oct 2013 01:41:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nXmAcrv/OQCXUk6kmRxzsQ==
ETag
0x8D099BA4EF1A777
Content-Type
image/png
x-ms-request-id
cb1ad3a1-701e-007c-4e79-19134e000000
x-ms-version
2009-09-19
Content-Length
109167
eogre3iPTUGLUQV5Z7XBgg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/eogre3iPTUGLUQV5Z7XBgg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
020fe979bbadb36d56f295cacdf65936c1f35efd5e2083b0b5953aeb2e94846e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Wed, 01 Jun 2022 02:29:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
18nvIabpvWej/SvyNl1HTA==
ETag
0x8DA43769A979493
Content-Type
application/octet-stream
x-ms-request-id
84eef38f-601e-005f-3c79-19898d000000
x-ms-version
2009-09-19
Content-Length
16818
PZyl5SNSv0yIJKDXheSPMA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/PZyl5SNSv0yIJKDXheSPMA.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
353c2a4b0abb2be087b0bb41990e46061e4a55b50f8136a1da162e12d473eb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Mon, 30 Aug 2021 20:22:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
clqv5H9Xr3MLbOs33Q9Hug==
ETag
0x8D96BF3D65444BA
Content-Type
application/octet-stream
x-ms-request-id
e73cf492-e01e-0023-7879-19a772000000
x-ms-version
2009-09-19
Content-Length
30727
LZjq0Dbu20eTj2VLymlfAQ.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/LZjq0Dbu20eTj2VLymlfAQ.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
78cc62a5ba08f398278d85662720a32715d53de23199800bd144a7e21ccae26c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Thu, 14 Jul 2022 22:09:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VefT856PdFP0hVe/Os6cag==
ETag
0x8DA65E580F737C2
Content-Type
application/octet-stream
x-ms-request-id
84eef3ce-601e-005f-7779-19898d000000
x-ms-version
2009-09-19
Content-Length
36042
ZWHCYR2pUU6Xy-kW1qFfZA.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ZWHCYR2pUU6Xy-kW1qFfZA.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c1a451285bec39b90b556b7ca61a3a04a93b78770b3224621cb33e32165e039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Tue, 13 Sep 2022 05:20:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
sC4OiiKl/iFYuliUsPXo1w==
ETag
0x8DA9547BB3397DC
Content-Type
application/octet-stream
x-ms-request-id
eaf99a11-d01e-004a-5979-199e3e000000
x-ms-version
2009-09-19
Content-Length
283185
YmOyTJEMUUiW02Z--9Tgzg.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/YmOyTJEMUUiW02Z--9Tgzg.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fd252697b4b8561c35169f5159fdbb76fcf8aee53451450cc5fb7f3c1f8a9f5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Thu, 06 Oct 2022 10:00:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
sx56h2mXkYSG0ehkKSr5Ww==
ETag
0x8DAA78189565BC9
Content-Type
application/octet-stream
x-ms-request-id
3a4454cf-d01e-0007-4079-1951d2000000
x-ms-version
2009-09-19
Content-Length
229186
0f90fe97-26d8-4cb9-8021-16227ba3a74e.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0f90fe97-26d8-4cb9-8021-16227ba3a74e.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4a3bdbacf98cc07f43a1e733baa9436d8c9d05d27c0eeac1727888b47b7ac06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Fri, 18 Oct 2013 00:59:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
cgTBTMm7WKR8/XDK01n91w==
ETag
0x8D099B45D7C8400
Content-Type
image/png
x-ms-request-id
e73cf4be-e01e-0023-2079-19a772000000
x-ms-version
2009-09-19
Content-Length
114540
ec2b8e27-3c7d-48c1-b608-a91bd8a17d42.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ec2b8e27-3c7d-48c1-b608-a91bd8a17d42.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b04720aac07470e1a44ded35800ff8158b7e1b61d26ae7fdcc09273d160f0a33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Sat, 09 Jul 2022 03:43:44 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
K+DvcUHuemOiOx0nA39laA==
ETag
0x8DA615D38F64FD2
Content-Type
image/jpeg
x-ms-request-id
84eef405-601e-005f-2779-19898d000000
x-ms-version
2009-09-19
Content-Length
11043
l1hdX3CJfkumZ_8APnHnKg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/l1hdX3CJfkumZ_8APnHnKg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6590aefc2ae6bed859660661708fa5e37f92d194a2108ab19822fb8b6bd77f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Mon, 30 Aug 2021 20:22:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9U5hb0IyMbcvjFPMMiP9Kg==
ETag
0x8D96BF3D74E6107
Content-Type
application/octet-stream
x-ms-request-id
3a445503-d01e-0007-6d79-1951d2000000
x-ms-version
2009-09-19
Content-Length
54592
0d0bca5a-de54-4049-8d15-d7f2593502a7.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0d0bca5a-de54-4049-8d15-d7f2593502a7.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8f7453113a409f8b2d5ba423053482d152d3a5d9bf948feb6b5ab802c1f38c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Sun, 11 May 2014 21:27:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WROWnO7Cc1WVZ9/vO7aKYA==
ETag
0x8D13B76F5C2CB92
Content-Type
image/png
x-ms-request-id
e73cf4ec-e01e-0023-4a79-19a772000000
x-ms-version
2009-09-19
Content-Length
117406
Ds7NXxqkgUigJyyGYNl38A.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/Ds7NXxqkgUigJyyGYNl38A.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9a96179f39170127a558214400fed5b9a6c8c559dfebbb530138b0becd981227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Thu, 08 Sep 2022 17:54:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
jj1Y4sqeszKUTqoezaOoKg==
ETag
0x8DA91C332649BD3
Content-Type
application/octet-stream
x-ms-request-id
eaf99a9e-d01e-004a-5e79-199e3e000000
x-ms-version
2009-09-19
Content-Length
202901
vy789natT0af-dkbJjaSgA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/vy789natT0af-dkbJjaSgA.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7be4fa548c59ae1afa6f4e013a719befc807fbc2b1202434edb66bacaa9b3879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Tue, 13 Dec 2022 10:13:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1BBQfxoBOunOqazMM4d19g==
ETag
0x8DADCF2BC85DB81
Content-Type
application/octet-stream
x-ms-request-id
84eef448-601e-005f-6479-19898d000000
x-ms-version
2009-09-19
Content-Length
24098
bd91038e-13e8-4bfe-83b2-2a72c5cfd762.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bd91038e-13e8-4bfe-83b2-2a72c5cfd762.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1903552d8b003c1f1c0a4ec3e42e7ffc0bb4d8e68eee68a818bf01e6c685f934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Dec 2022 22:31:53 GMT
Last-Modified
Fri, 18 Oct 2013 07:44:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OyBoVcbkZHt90eBHa43GLQ==
ETag
0x8D099ECF40A8AB4
Content-Type
image/png
x-ms-request-id
3a445535-d01e-0007-1a79-1951d2000000
x-ms-version
2009-09-19
Content-Length
77191
hotdealshawaii
api.payvibe.com/v1/site-url/status/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/site-url/status/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.107.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-107-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type,secretkey
Access-Control-Request-Method
GET
Origin
https://travel.payvibe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN,AUTHORIZATION,CONTENT-TYPE,SECRETKEY
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, private
date
Mon, 26 Dec 2022 22:31:52 GMT
server
Apache
x-frame-options
sameorigin
hotdealshawaii
api.payvibe.com/v1/site-url/status/ Frame DC76 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/site-url/status/hotdealshawaii
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/public/assets/app.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.107.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-107-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
87ab7b6d75a429268b4061ee1aecd19f5103185c80f3ca89a7dce1c12179542f
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Access-Control-Allow-Origin
*
secretkey
Referer
https://travel.payvibe.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
server
Apache
x-frame-options
sameorigin
vary
Authorization,Origin,Accept-Encoding
content-type
application/json
x-ratelimit-remaining
1976
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
2000
content-length
3083
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:55 GMT
x-content-type-options
nosniff
age
13257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:55 GMT
/
www.facebook.com/tr/ Frame 1139 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.staradvertiser.com
Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.staradvertiser.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:52 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
3eb9d388-68bc-4b3a-b2ec-e813b0d7ace0.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 3C19 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/3eb9d388-68bc-4b3a-b2ec-e813b0d7ace0.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6358a8758526eebf0dc4b1f4df5e13622de5775d87a02c4e79f093bf00a4ef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
x-guploader-uploadid
ADPycdt3UX7bvXs6wMSduLTAZ6Q9D8_tbf97J0mYDVZZwbLe_4WXaRJQXHUQvgVMBp6z21dqEzr7WOhnte_yQpB9KErrtIl5fHRL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16224
last-modified
Thu, 27 Feb 2020 02:34:12 GMT
server
UploadServer
etag
"bdcf78c2c9afbb4e82da4775667a5a07"
x-goog-generation
1582770852326792
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=AFst4w==, md5=vc94wsmvu06C2kd1ZnpaBw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
16224
accept-ranges
bytes
expires
Mon, 26 Dec 2022 23:31:52 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 3C19 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
09d88ef9bf831e459b0b719bf7237c8cf83db14b
date
Mon, 26 Dec 2022 22:31:52 GMT
via
1.1 varnish
expires
Mon, 26 Dec 2022 00:01:41 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
HIT
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-hhn4031-HHN
last-modified
Tue, 04 Oct 2022 15:53:17 GMT
server
cloudflare
x-github-request-id
70A4:10DCB:15A3E0A:1646713:636ED164
x-timer
S1668210353.577542,VS0,VE1
etag
"633c56ed-3776c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZKk8mlS6E1Db8BIsnTbfMa5whvQIRMNRjtlwXdbjZwhCHKCqhVYw7YpICOmINSHC%2FA3FuO1Cc3JkT1j21K7pHSm8B8IAPnDNGC7jb8w2YqyUqBQAoljVDG2UCpRECdUpac%2B9pMw"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
77fd44e92d259b9b-FRA
x-cache-hits
2
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 3C19 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:52 GMT
x-content-type-options
nosniff
age
1784039
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
version
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 3C19 		26 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1672093912472&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=44ba6d6a-5d5c-4013-8f21-7f9aa591a887&dtm=1672093912469&vp=300x250&ds=300x250&vid=1&sid=e5a10bc5-920c-4f41-a0dc-71643c8c79c3&duid=51094852-2df2-4d3b-997f-e31d5172dca0&fp=983239506&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiY2E4NDdiNjgtMTI5OC00NzAzLTlhM2UtODgyMDQ4M2E0M2U0IiwiYmlkIjoiMzg5ZWJlNGYtNDU0ZC00MGUwLWEyYzctMTAwNGUyODI3NDU4IiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
server
Google Frontend
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
x-powered-by
Express
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
d0bf5aadc763b018da71a66e5e1fd816
function-execution-id
iobvifwps38q
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1519076976365-9c64dbd98317
images.unsplash.com/ Frame 3C19 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1519076976365-9c64dbd98317?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDEwfHxjaGlsZCUyMHBsYXlpbmclMjBwaWFub3xlbnwwfHx8fDE2NTQ2NjgyMTA&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::720 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a9c4b27ce87b2ada6e74a94e31cf34c2f3e14add900dcf2f93c2ef5de020d73f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
x-content-type-options
nosniff
age
5402289
x-cache
HIT, HIT
x-imgix-id
9fbe1e1ea2ebe9d08766ffe383ce5070665b7bdf
cross-origin-resource-policy
cross-origin
content-length
30633
x-served-by
cache-sjc10034-SJC, cache-vie6380-VIE
x-imgix-render-farm
01.1104
last-modified
Tue, 25 Oct 2022 09:53:42 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
x-imgix-original-status
200
cta-component.20221226-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20221226-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8966d33abc88466757b8949292aa2a29b2e1419082d9408f26c1bd3c69e7ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
7imUaCAtRwMVkDTMv3huor7gy90vxd0a
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:52 GMT
x-amz-request-id
YFCCYH99ZPMQTYTJ
age
31247
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5108
x-amz-id-2
NUEdPR2FKkS0CvGmi5tpeicEtNVV91zMaAnyrLVNapAMR4DHntC6xSGA9tJBslsWDPcTr+GG9K4=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:50:04 GMT
server
AmazonS3
x-timer
S1672093913.595005,VS0,VE0
etag
"f75ab5ad0fa64d66dc0987053c3b7b41"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=86400
accept-ranges
bytes
x-cache-hits
52691
userx.20221226-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221226-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac565fe89855b42ce5b058d7f7abf2355e820def27e51e1970a2d5848a69d6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ACfU9ir_3BaeqVE4WWqkh6KbbuBzPOiM
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:52 GMT
x-amz-request-id
D57JJ0A1V077570B
age
31097
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
5c8wuf5UEoNVHkIO4kRoNSTMSPsZOS4h9tfGq+/MMLopeTFChr/ATw+ZCrIj1AA32BsdNK0J7wk=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:53:29 GMT
server
AmazonS3
x-timer
S1672093913.595790,VS0,VE0
etag
"262d10a0de957a75593f844f5beaded8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=86400
accept-ranges
bytes
x-cache-hits
10060
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.8/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
462820
x-cache
Miss from cloudfront, HIT
content-length
30422
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Tue, 22 Nov 2022 07:02:09 GMT
server
AmazonS3
x-timer
S1672093913.598703,VS0,VE0
etag
"7fcf5cdb23e918c79141cd7bbdf0b9cc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
i3FeZVuxT5rzQjQigQERwLYntDmgtn8zUeXQ9Xc5dohS1oCcqcw28Q==
x-cache-hits
35467
feed-card-placeholder.20221226-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20221226-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5afe4451aaf3d440b6209cafb4aa89697dd263a888c61d297e7112e847976cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
k44LgLWbZJSMdaM9cUHdKwp5pcMQU8xB
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:52 GMT
x-amz-request-id
831J7P85XMJZANT0
age
31160
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
4pD25kDAUVgpdLo5ZQ+kpDgpI5iljEwX4qsH6YFHhML1KOCxzcPdRgW71ExJXpFFI1jDUYBbmxs=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:50:33 GMT
server
AmazonS3
x-timer
S1672093913.600193,VS0,VE0
etag
"bbb1ca2bdd8c82298d79b8cc50a1ef52"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=86400
accept-ranges
bytes
x-cache-hits
66851
feed-footer-overlay.20221226-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-footer-overlay.20221226-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8899835dccc19246c0d1e638b31e783ef194e46c832cd70e9d478ff32e22d61f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ajBqDfQNixTJzGU6FcFUwhRr0jYZ0iln
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:52 GMT
x-amz-request-id
MS5WQ9Q9ZAT6YDJT
age
31086
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2499
x-amz-id-2
Kky8FMv8zjNjazurOqbguLkyahFBDiOr9tBye52ANjRF6H8xykUICRZoubGeSPe611j5spctQlI=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:50:40 GMT
server
AmazonS3
x-timer
S1672093913.601471,VS0,VE0
etag
"4b972d1c9a2cff665f285a2a80d6308c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=86400
accept-ranges
bytes
x-cache-hits
1774
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:52 GMT
x-amz-request-id
P5R59Q816A0M149N
age
80
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WEbDtuEW9aPhjYqb/1XpN75OZG5627okPogaahiOLCmZjx8PJ3qhQ1cEsdaWdQtUDRYMuPNDwqA=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1672093913.621447,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
82
explore-more.20221226-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20221226-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9161c3443a72d415ee2563ded44b7d05fac6427d00f58560da1dad0e43f00352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
vncBVSUffQG5S4s933.HeAbD66_S2df3
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:52 GMT
x-amz-request-id
BBF75FXH9FE6FW96
age
31197
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6613
x-amz-id-2
Qp8Ss/QAwfVhH7Utoai32Q/tagIZ6Q89QUfsvrZsxM2q0RCGZe+jU80vS1HQwUefkcDsVv1a3Tk=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:50:25 GMT
server
AmazonS3
x-timer
S1672093913.687480,VS0,VE0
etag
"e4277dc5b5a87c2c48597198cb70a479"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=86400
accept-ranges
bytes
x-cache-hits
38602
supply-feature
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A31%3A52.686&id=1271&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
2c18a412-c420-4567-974c-ecf233063fdc.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 4866 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/2c18a412-c420-4567-974c-ecf233063fdc.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8e5b1138e65266721c74d542dbc50647a77d5586ff88a097b2c31c268968aecc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
age
0
x-guploader-uploadid
ADPycdtn78AaVliA_SibDBQwduEMkSAeEeuE8y9MVhj34wloXBUx7hP9msqiO-XJx9G1Z0FS-hcQBtwldFYe2teIrRq6_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42463
last-modified
Fri, 27 Mar 2020 06:07:46 GMT
server
UploadServer
etag
"a79986210cea57ede4241fec6b357d89"
x-goog-generation
1585289266714301
x-goog-hash
crc32c=Y3WUMQ==, md5=p5mGIQzqV+3kJB/sazV9iQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
42463
accept-ranges
bytes
content-type
image/jpeg
expires
Mon, 26 Dec 2022 23:31:52 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 4866 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
09d88ef9bf831e459b0b719bf7237c8cf83db14b
date
Mon, 26 Dec 2022 22:31:52 GMT
via
1.1 varnish
expires
Mon, 26 Dec 2022 00:01:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
HIT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-hhn4031-HHN
last-modified
Tue, 04 Oct 2022 15:53:17 GMT
server
cloudflare
x-github-request-id
70A4:10DCB:15A3E0A:1646713:636ED164
x-timer
S1668210353.577542,VS0,VE1
etag
"633c56ed-3776c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7%2BzYuKSXET0lM3l1QFxhIrHYp4AqAQAlXXq9MbPVu9NtDUZ9Uz%2F0jSoflEa9J9mEkshahQlhCI84rW1cVVMJH2SfEC6tAn%2FgTHNKtBCaISpa9Zfcvzk8n0EumTSXX2KsC79lsgH"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
77fd44eb181d9b9b-FRA
x-cache-hits
2
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 4866 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:52 GMT
x-content-type-options
nosniff
age
1784039
x-jsd-version
4.5.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
version
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 4866 		26 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1672093912804&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=44ba6d6a-5d5c-4013-8f21-7f9aa591a887&dtm=1672093912469&vp=300x250&ds=300x250&vid=1&sid=e5a10bc5-920c-4f41-a0dc-71643c8c79c3&duid=51094852-2df2-4d3b-997f-e31d5172dca0&fp=983239506&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiY2E4NDdiNjgtMTI5OC00NzAzLTlhM2UtODgyMDQ4M2E0M2U0IiwiYmlkIjoiMzg5ZWJlNGYtNDU0ZC00MGUwLWEyYzctMTAwNGUyODI3NDU4IiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
server
Google Frontend
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
x-powered-by
Express
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0c3d493e1248a3db158cac7168c3b7f8
function-execution-id
qwxbvtu4axkm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1604908176997-125f25cc6f3d
images.unsplash.com/ Frame 4866 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1604908176997-125f25cc6f3d?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDI2fHxjaGluZXNlJTIwZm9vZHxlbnwwfHx8fDE2NjgzMTkyNTc&ixlib=rb-4.0.3&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::720 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
779f952cd430c10a7c1c89067e94a39b3ef4e4f336e25e0a52b80bb923747078
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
x-content-type-options
nosniff
age
3774401
x-cache
HIT, HIT
x-imgix-id
518a5a8425c852ed278092f5868406b590dce38e
cross-origin-resource-policy
cross-origin
content-length
94494
x-served-by
cache-sjc10077-SJC, cache-vie6380-VIE
x-imgix-render-farm
01.584
last-modified
Sun, 13 Nov 2022 06:05:12 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
x-imgix-original-status
200
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame EC42 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2404
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
hUi8E8jl4L1ZggyHSveJomLb1-OSLxNmbdyYWbpxldAV7pU-hMZ-lA==
adview
securepubads.g.doubleclick.net/pagead/ Frame EC42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqyaT1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEggNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP2Y3F7doUXIUrJP-qJfV5r2-lqIjeTRNGTE5fOVOIBHrqkdORXyyOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNjk3Njc5NTE4NTE1ODg2GNTEDA&sigh=IqPYrWyxWFg&uach_m=[UACH]&cid=CAQSPADq26N9yPwWIXmk9iSa9S1OGfmCwE9-1qnn8JZT4AjpRgikSN7_kPhQ5hc_lkg2tXJnaE8GNEY2v5WPvxgBIBM
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame EC42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h4gaf1fcfx1aykw4d11c4n2v04fk4efd37s0k62q5xd76jnfzhv94k7444vx06v6eqxq2s4mxqjz74haxng1a1v6z00g56zz5h4qn14egftrt7yh3p5vm16qcfs2s3z28gxkh50rpbf9rwt0nv7mzmh3epbb6t2hc3w15j3zc2qnatesf5kp968bs8p7rkc2hxxb87afggb85kr6nbax9937raz5jyb7vqehtpy4sp94wr5j7eg065d804cv23206f64gtk40vsz3s9p0a4s880qrrqw2yb0vpnd06xjwjbg28g0s7ayedptfkae9apcm6b3tab47wzdnfkga561khde1n08840jtrhxnpd3w2e45bj97c942gfqxcq9a90gvagppm1pr&b=Y6og1wAHe7QIu-0FAA4G_iWkpNpg467DwK6TTQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5978 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gfp0av1xg3tn0c7z952162zeffzcznqzsx46kvjtd3h93ggsy7h7452w6c487nm92341d7cb91q7fzdsbwpvhj3dx3jnmfk0284mjczbs8g384cmh7axkz716fvj0f7pb6mh7acmsrmta5xwegqqmdd2zjay1mf4cfzbm2crhvpkqx5bawk7qeay3amvb898d3j48vk0gbzneqhcrp64g35s35rtb694gc6zn71d9a78xhefasscv1erns6jtk9d5rbat6rr6jsvqh0m2f2ffxe3jrax962ks10751nsdjrz0vmkmndw30718hhrmyf0tn32f568m0cmx55enag4qr21avj2wbj13pw7gtdtbgv4s40n0t0h6rt0xg5f9sj8a10kj9kdymyfwgz09a4jh90ye3bca1436fkqdv9hctw3pc2j6mf4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ea31dfcd550fafb23a576703212b77785580af9bffb27eb667f2b0a2c38647
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77fd44ebedaf9bb3-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:52 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EC42 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D5E4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Tue, 27 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EC42 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
l
www.google.com/ads/measurement/ Frame EC42 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpB6dQHWLLPg1ii7HVA6OleTNJgYfqIGCnPLh9AlESKutuxdQQgcf_v4fjrI5KQ6f3qgs6UD-Lv-sjJduSCsljaBY0hA
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC42 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
198998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC42 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:52 GMT
pixel
protected-by.clarium.io/ Frame EC42 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gl890jqi&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMiIsInkiOjQ2OTg5MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0yIn0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=9768779&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 1570 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
MgM0tdIZx3aqnSSPWZngMjL56lFH_wLIJtWBAfzB8zaSqffBm8ELAA==
view
securepubads.g.doubleclick.net/pcs/ Frame 1570 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthNdZyUdI8-F_xw7FqqqvZ1HeWYLz9Fv232OalMGDp1JzYOrFc8FLst2mXY9yssM8HDRYjhokFcSexgjj4TIDYoaLPchzPOIUdzN3Q5zoJ2qM81SkFyQy3xOcUvSkMRVjGhzcsYhgXtMPtBNLRK3HK8yrX5aduEynANwbcuG6pW3vEnaY2UJrqO8QYO0lH3QMttbb3FnTogorw-drkeNROM_58wwBqUIN_-lDTsO4j4cgS7Ek6TGAvWg4v-hS_FMzJhsLxlsE_ootTt5zqQlvy3XwQaOLHJWOJO-JgeDsSnl_Tq-gB-JRpKTAxSMXjOyGoNkhe1blEpw&sai=AMfl-YSCEz3_EnP2mL76GDnxYRU8GkhU1FRDjMjYRrBR5nNf9b0CUxpZ8Mx49fjNMF93MU8d8iezCVWhmYnyRaGlLU5HbcAU2Lh960UqUIq6lqdIIIt55AzRp0ThCRLUZJxGuA&sig=Cg0ArKJSzPmuEZM8cbNZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1570 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1570 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
l
www.google.com/ads/measurement/ Frame 1570 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAvk2sklrfeLFdpXaIAhHuwP6tz1_8EQWWH_aDHOzr2ZSJl4SgRL3GhA0ie6irwExLcb7Q
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1570 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
18089032910229245794
tpc.googlesyndication.com/simgad/ Frame 1570 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18089032910229245794
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f6530122006490e64e6c925694cb22812d69fb06374a540b1c329e21267f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 17:18:33 GMT
x-content-type-options
nosniff
age
191600
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37779
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 03:12:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:18:33 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 626B 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
WHI1wFTLwjMmJKamoLj65NbCtZgbrAiPRxcmNqt1BowQIOHGHwrYDQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 626B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttMUa9XlTH7shEOGgxtaPguqJnmtd_BkmH8TDSI5euF0Upz_q1GRSZA9dLKCL70NH-szJsxV0Y3xVvIuhnoE7iv_9tVCI6SH4MDt2Q8j-9BuqykHwITT_MQNdzN5evidWpXHTVDn5SSO9dqeyBqPHtGmE0gsBOROj-Bp7FtgAHoT4mPQf1fQqiUtyFlQXDEn59-SDMfXhVEf81hHLBvjZJf7Y3KBwef1h-jGWbjU5_wog_S_0rLqHb9iR7CXEFJlbdVhCEAS1gHrzutgELgP9cYECJypW_I-ojBhjOSWFu1AaHAsRm6tqmZtxRoQigPjKhq_FtaXSodW6L2vU&sai=AMfl-YS5sBCyUG97Hyjw1_8DVslTl8N_YzDMQRlve_eWsG8NfLtiJQo842Lrtaabm_2cNhL9FDDdGXg0iFwoJ8k2iOXAZ5ttztuXqyJZMurJSfgtJY3LzQYD0D2oGvlqE2K4Rg&sig=Cg0ArKJSzJLA15IGZ2rJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
zone
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame 626B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_1918216196&pid=0&fr=400&frlm=1&random=1918216196&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu4v6LeA7sh_Fx_SNetDEUOX_y2Wo_hI1Mq347mA546xKtaImHSxnpW_F52LOVcqTH6wmWEpsXtnsrcEab4b4rMeBUssKsg1qL5Jkjhtga3s_l9mQqJIzesNPRTSdY3c7RTB4PR4E05WsdA4ru93weolKO1s4UJ1FKCf7E-GXa5dmwWjg3e6fC42DyfZu6rz_kxEY1uMwAXlIJSHSFliL05TzfSxipTMf0q0Z3-v4EXGuTj0_5tpaMuzBwGnylfGTIMCswEbpUOTSWpibenn-5peyWMWRPgn1AQElpaxral1ZN8qDrnmsv-FUnsM35mBwRmxDANZRoNaHs&sai=AMfl-YRFnus8_B4F-nP1_KXYeP3Ftnms_eOGaAk2aJvE2wrTDzShrbPFBmdFtLMe8vr811hEv01crU6H93EGU84DSrUsSTan66Pb5syUVtNBb3xjtPU-kueIxXplM-PkJOQA0Q&sig=Cg0ArKJSzPAwia8eOinGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.255.62.201 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 626B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2414 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
TABHA5geyAocJDmpSYzSmyOBMUlnc8i7QLuSMxxzYWPmpLoE8YnazQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 2414 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa0BT2sUbb9Xwo8VWD72Gne7kMkW0I9vW6erPeo48UPcmmyjAgtv9M7uFAeXvDWErvaFxtd_tHtky88fzKpKcpEDyNIR5-z3WgkCRy_izRvkwDh2aj_kV95z2Fxs2CsDPs51E9eQ35K0UDgJtK6p_JSF4G-aCoV_eFdx89P_y8VKivX0_5J5cjoPf3GVr001AsVYMXiK73sGm-Kr14420rvsa1dZ8DfOyv0RWadZqDoQF_NN-09llFugDJ1F90pIC5KiVb2MDg8x6_5Aisov5_wEHBG1epRv1MHuJEzQjzHMYagiYu_ftV0JoNzc2Qzmxz4VHNPfa3kqH4fNQ&sai=AMfl-YS-9DNmp3NtoeeajeP48qNA0QGIOLtTjhoEDhxtFw0NV7cv8xa_wTy8x6GZuS9-FH8lvsgA7PQes7pD9eO_canF3FJ9GjI2LqraHyutpn40NbU0A3ndNPiBS39M2-p38Q&sig=Cg0ArKJSzIUHrP6mg-UOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 2414 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
137610315b762c596611768205a6ac7d1be7994ebde09d2ee5ffbc7df0c6b463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
C2Ef3.XrzUfQK2BvQOWQT0sKwilYGE6c
content-encoding
br
via
1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:31:53 GMT
last-modified
Wed, 21 Dec 2022 22:16:47 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
21
etag
W/"d186d1e9b103777616918d39bb9a00c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
XLv4F6eR34eeZYv198chixJelJPap7peYpKRBADZTypcXm6VL_bz4A==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2414 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 089A 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
02aIfUy3rklK4Dmzc8Ans-TJboZ8fnpZvp8JJCY-cePoOnsy6VjIng==
view
securepubads.g.doubleclick.net/pcs/ Frame 089A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbEOVYb57lz7NzRJHhl3x2nEbLo52Mnctrp4eXhN3h6MGDTkxrKn0LZfyMoKQKmgnJnheqpajxSTDpSceL3tl_96iowKnNhdo9r9VHRAs1iR0gKbGAGWP9xHCwqXzyO9Vf6rWUPqEcxg9WCpy7rpVRJZqwWq0ZzQB2nW5G3TkotYzwzX-Jga-mEc49y4pHx1gZdYQ8jIdFyoN8GE9t5peqkRAKBLE1xmnRM44Q41zC5dWgYwjrc2u8jV3vjESpT40GGKchGfcXZIdrjpaIoGMKwKSnH63CMQGZ0SJmQr_eEO_zYCOKDMFjIM6qKucT_uv2FGqPbtfz9jY&sai=AMfl-YRuAgDyKYITvLDR7OyQRAJWM3Fa5HXERv7oS5DqnAIrUU6tk1Han8lh47s7csnXPMtna7rywOFgWljaS-us9US2EbCgP5EF8xqY_d5TwjWFADI521yvReVIzHma9dURwQ&sig=Cg0ArKJSzIvLpz8AmmYXEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 089A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 089A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
l
www.google.com/ads/measurement/ Frame 089A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuswJww7XbD-y4FyObzemBGOo1M5sepD7eZIxuHM1ubQU-A0kO6NlKe-eOQdns1-4nsFrh
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 089A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
7583125336026224485
tpc.googlesyndication.com/simgad/ Frame 089A 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7583125336026224485
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93141d6a8efaf5c18231935d042ef767c28efcbd77ed3c1725bfac21eb15af6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 02:19:14 GMT
x-content-type-options
nosniff
age
159159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41342
x-xss-protection
0
last-modified
Thu, 24 Sep 2020 03:03:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 02:19:14 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 650D 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
dOcg8MJ3FP1Z7sVn7amawDu9KBZT0bFFhI9JG4fPaKR_6czgOPCi-w==
view
securepubads.g.doubleclick.net/pcs/ Frame 650D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2_WKxn4uVbFadYtk7TF9k2YGHDx0AHcm0At6RO_5wsRbtD597N-2gxrj9O17jd9zDIEpN-Zk-zwbR2FO5R8LutAovxbeI2L8sUEKud8hTg_NG45MKL49B_HY1mia6fRbHh_Udn-tuEHf8jSsXRS27TO5r-SwNlnFem2_ezgkAkE0RSjPRsNR3SisEpRA3d-T2Jzl08sVLiYgrkr95AZrbdlt5k57M67s7CYgwuYJyH-FRIaMeqcHq1DXcT9laZu7axmA8w_CJ6kP27E2LPWP1I9KbFNaWfmkEAAiXKoq6FGA5SaQXfE6iy5z37q_F-h5aQFueCS9Zg2ES51s&sai=AMfl-YTKUBQHtq_JftUMxejJ0BvgoFqNXYYSrFAyuOc-5Gt0kX3UmxkTdU0a5JE0SWLRA9aRZOezwf9EXu2eyo7q6DEsGI3FnPJ468Hv7Lapv3YUkEqg713JYAi-43QAEhd56g&sig=Cg0ArKJSzNx77rqj3RnBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 650D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 650D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
l
www.google.com/ads/measurement/ Frame 650D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShS1psgrKMfGIcClbFrBgS9NVYH4SWhh2-TKZFVAPubbfiyCJlP4SwLLQT97lk5PWixXtm
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 650D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
10140896390764221721
tpc.googlesyndication.com/simgad/ Frame 650D 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10140896390764221721
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad8d84c2ec2518e28587554f3ad11b45899af49d2ea57ef1cba53d6ca0496b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 06:36:25 GMT
x-content-type-options
nosniff
age
143728
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42365
x-xss-protection
0
last-modified
Tue, 06 Mar 2018 02:40:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 06:36:25 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C2EE 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
WM_XTRKyQ3rnInRjrAf_RQqXaptiNB_Un7LBouaqKwgEwxNbtzinvA==
adview
securepubads.g.doubleclick.net/pagead/ Frame C2EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLq5W1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT9Ak_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjEweQFuQEkS8vJtnMP90mCJIzQ7OP_voWWvacJGW4C_TErMS0gzROAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjY5NzY3OTUxODUxNTg4NhjUxAw&sigh=P6TYIZ7ZbhI&uach_m=[UACH]&cid=CAQSPADq26N9e44roN6Wp9zpgfUiJSv5CbFRQBWQ47w8eMnYGm4yQzlhLSWE70z2WT5GDcOIZxaX3hU5yj5AbBgBIBM
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame C2EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gk9505xzxz0d4ye2s5xmsb28fyx2v4axbsz9wbb37fnft8qx575g4vfsxf9hkwmszqp63j20jrysg8v3tpna0d35z1t3v7zf36y09ry3zxepyey7bypf1h3rvk8y4mm72mg7y7h88fd0r1rjmf5wqs9cpmzp86vvd1n5drt8q9y8mbyn2tvh1q0r3jam2cewrkc48pbgvs279xgz3f5ywf7z6p2293dmq61e64w2m6m807pvaw7526g0z10j6en2rx50djetc7gq5byaw09bshz0n6mnahfa1f19rgkm7jb9xv0gzj5pk279eteapa39zr6fapc82krnggz3s12htbec9qh39efz2wzy3frsvxed6sbqyt6tmzmt8k563ns4vqe0ef36m&b=Y6og1wAHiSEK5VDUAAMW3EwnYIhGzKnPCKdsNw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 0B23 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gg8b1yqqy0v1f6b3fhg9sg0yxxyne5cvep6q2zq7v6s6btdm7fc4z9stxbap1e82sc3njsk8r3t6ytkgv5m63e2yytd1pv7gs4wj5j4b5r4rbgvnm1n7jmmkxs0xcbe44xx5976wmewxc0xf141atc6vp6xwh1d8rgnt4xqsqvydr14dqbryn482at046z9cncs5ctw141ss69ya7910j7rrm9xp92mbve5qn5b3p92p6y1hrpeevkcgxcr7xdn6z3tp6rgyy6hm7xffnamt7g9kcj0t7f2wk3ndq44rn79wkcdxrgcgx9fm3nky5pne6j128n6tcgkw315bm5nds3s0xeq9h5apqtqfgqhh4nwb0yxqyf9jnncsx9jmv6tmzjqwbbr32y3b7g7dqg7sqtwdpz92217c6cq1krnypx7gdfkz7y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437199fc5b9b27d6141547041bfe8a3995d3a28ec0a27280ddb3ad0751e884c4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77fd44ecfc5d912e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:53 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C2EE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4FA6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Tue, 27 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C2EE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
l
www.google.com/ads/measurement/ Frame C2EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaXOxEFch2znk5cD63KQgw2tX93lZnRWMKhh-lsge_tGGiH8WnCeUAP-S77FD9hpDdatLgFFNtY8GpOzRIfjnWEIUE5A
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C2EE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
198999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C2EE 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
pixel
protected-by.clarium.io/ Frame C2EE 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6NzI4eDkw&v=5&s=v31gl890k0m&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzcyOHg5MF8xIiwieSI6NDY5ODkwLCJjbyI6MCwicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTQifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=1249728&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjI4OTYyMTcyNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 276B 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2405
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
Ww2AgBLII-c0tjeKsuqLtfl4CkhVdYQ82FF1gW3S-7RU-bvAWQK96w==
adview
securepubads.g.doubleclick.net/pagead/ Frame 276B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ4F51yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEggNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuayVk5FFPs77h_MnFX1r6TU0T_xA1lML1P38BaP0sW68PdCBobyd8eAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNjk3Njc5NTE4NTE1ODg2GNTEDA&sigh=8W6jYJAYO44&uach_m=[UACH]&cid=CAQSPADq26N9Xmvx6IJc6VtovoNdSJmcJ3nfInlNaTSu0h2mYXPfPmNq25eQraLyfwVAn6gUFy65AvJxaoUTMxgBIBM
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 276B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kkptnyzw36mhxmmqh0eykwnsh7ake5ba2awt678rv1kvay9bendbf9b872jjee0dkpddc8q66nq00b95vwayhjxm6d1c6c4yeerhseaq05rpw0s0jw7zbwyv6rqv004qs31a7j0bp4cbpnhn4ay7bsd6x2frn1r3w4g0sskhj8cha42wge9eakx7y8e0vjcxjtqdbhwejtk7wfc8v7ywgjmaxysjf3swbjqcgkdj5yvhqgvyd8ybsmksprr79xnpjx9zvr7b002x53zmmb7ch13zt2syc9dt8f1zhs64m4d19r8tdbmgh1evcx0cq6wn77ey604mfp3y3qhr5m71gc84vf58e79zjg8z96n7rmeapd8mc5q7vq1sp4xq2etq8zkb1mvpc&b=Y6og1wAHd38H_YdHAA5t4Wd7MnT4gNtdr3k4Cg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame FFA1 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kxshhgwhj8kn4xn630nn7j1cwwctf8tem3f2ykqgz6nk4ygjhagb8vtq8j4t9kpm99tn712w9gw6ygfs5112bytdmr598tvmb4p9n4ve33w5k6q99pvqgkek895hy1gkn3rhab6vmfvcq6qwjjfcy0aas1vqtjdxjckvmnjc49dr7scegxvjsdk1mtsmpnyf6taj93c5v0gssn2ktpp6bdb5pf5gpzzxjrf5a21ewr82zs3q86p4ctz7xnxtxrwhz2rhpg220ejptpf85k0mzbha86ejramcmckem9xkwwds3q7635e62myf3hyxxj8wxwxyh4fx75hkgfbdabajc21rh7n8hdyx6qfr1r9q0mje5qc2pjqnsn5prg3bnkqwycs0n7q4n8dbq0p15nb6mdqtcvtnqq3tds9r7qvdhrghx58xjpc8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5406c4ab3b8e55180072dce3ad70d0a7afcee54689860a1fa67875588f86a227
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77fd44ed3cca912e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:53 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 276B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 568A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Tue, 27 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 276B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
l
www.google.com/ads/measurement/ Frame 276B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYtZRJuZLnX_4-MTZhKjbIeeMfIfftRwcGVH1ti1ne-LuMzKg_d6UGc0FF35OmfyH7AZOnlv24SygpzyMPYx17BfaG4A
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 276B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
198999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 276B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:53 GMT
pixel
protected-by.clarium.io/ Frame 276B 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gl890k25&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjQ2OTg5MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=9421227&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
abtests
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1672093913220%7D&tim=22%3A31%3A53.220&id=9268&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1672093913242%7D&tim=22%3A31%3A53.242&id=3175&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b91ac7df59db5e97dd9c27fcf330c6955130e3118b635e19fb2e97c023509cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
6421516
edge-cache-tag
379226829563982640636830187610323967922,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
105
expiration
expiry-date="Thu, 13 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://tasteofcountry.com/
content-length
39238
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100048-IAD, cache-iad-kcgs7200064-IAD, cache-bur-kbur8200162-BUR, cache-iad-kiad7000116-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 12 Sep 2022 12:08:03 GMT
server
nginx
x-timer
S1672093913.264969,VS0,VE1
etag
"46e62d7d1cb17cd088bb3c80abf5ce19"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 5430, 1
5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4dd5a40846ff9495a7705c9003d68c057552821fcb8866ea309a82a8ef76ccb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
age
2197639
edge-cache-tag
380020255213975030918327654955122484175,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
380020255213975030918327654955122484175,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
567
req-referer
https://www.espn.com/
content-length
25844
x-request-id
33c91d773b884e11bcc1c772712fd3fb
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000150-IAD, cache-iad-kjyo7100069-IAD, cache-bur-kbur8200038-BUR, cache-iad-kiad7000155-IAD, cache-fra-eddf8230023-FRA
last-modified
Thu, 01 Dec 2022 08:47:09 GMT
server
nginx
x-timer
S1672093913.276788,VS0,VE1
etag
"64fefe16f084dd52c4e5d4ac04956449"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 13, 1
dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab32357046cf4a9d0ac14bb34f9495c42cf3589a0d126536c95ae866abd79a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age
5737298
edge-cache-tag
570355061721211699538449521237231190296,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
570355061721211699538449521237231190296,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
97
content-length
14044
x-request-id
9de4a8804e5a97f266b31d0a0dec66e4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200120-IAD, cache-iad-kiad7000099-IAD, cache-chi-klot8100067-CHI, cache-iad-kiad7000155-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:13:27 GMT
server
nginx
x-timer
S1672093913.276790,VS0,VE1
etag
"8259ddf27eafaa40f40f65fed9837da0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 52, 1
3ead58e12674808f12e79b256560081a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2eb88ecbf30e5ae3085743397d8b5a53544687aa0cbab773fe94bb690dba2900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
age
3655873
edge-cache-tag
381627698217469947099100280957135315376,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
381627698217469947099100280957135315376,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
218
expiration
expiry-date="Mon, 14 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://smallbusiness.chron.com/
content-length
26184
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000030-IAD, cache-iad-kcgs7200135-IAD, cache-lga21935-LGA, cache-iad-kiad7000075-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 14 Oct 2022 15:46:06 GMT
server
nginx
x-timer
S1672093913.279041,VS0,VE1
etag
"40a4b6352fc249431e02836c4df3f25a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 160, 1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 26 Dec 2022 22:31:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
573769
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEuqAAG&gdpr=0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yqkVGnxKK01hSk92cFdad3haVzNPTTk5cERIN3p3QWlyUkhuM0dkaXBEdTgvSzEvc1hZT0lKWG4xZWJZVUhmNmRKSVJEYVpoV2Y5dXF6K3V5NkNrdWkzV3JsUHZhcmphZ25Ra3hyN2ptUXF6UnJPQU9FZloxckx6a3IvMD...
362 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yqkVGnxKK01hSk92cFdad3haVzNPTTk5cERIN3p3QWlyUkhuM0dkaXBEdTgvSzEvc1hZT0lKWG4xZWJZVUhmNmRKSVJEYVpoV2Y5dXF6K3V5NkNrdWkzV3JsUHZhcmphZ25Ra3hyN2ptUXF6UnJPQU9FZloxckx6a3IvMDVydjFYRHFIRm5DajVvZ09OUUlxbnUya2tNcTZzTmttdzk2VTY3V2hIN0tjV1hHWTJnN1o2NWNwS3AyeE96Nmxjc3VkdWVQTVdHaHlkRkpPbTBWa01nNjFzUHEwYlJTR293Y1h5ekZnMHVHZE5SWWRDQlJPMEVNbVFjTnQ5SGs2UWNYdnVkZ2M2fA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44121a73e63788f7bb47f3d1ac753db330fa2be8670394cf7938d97f14ca8c03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1371692
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=yqkVGnxKK01hSk92cFdad3haVzNPTTk5cERIN3p3QWlyUkhuM0dkaXBEdTgvSzEvc1hZT0lKWG4xZWJZVUhmNmRKSVJEYVpoV2Y5dXF6K3V5NkNrdWkzV3JsUHZhcmphZ25Ra3hyN2ptUXF6UnJPQU9FZloxckx6a3IvMDVydjFYRHFIRm5DajVvZ09OUUlxbnUya2tNcTZzTmttdzk2VTY3V2hIN0tjV1hHWTJnN1o2NWNwS3AyeE96Nmxjc3VkdWVQTVdHaHlkRkpPbTBWa01nNjFzUHEwYlJTR293Y1h5ekZnMHVHZE5SWWRDQlJPMEVNbVFjTnQ5SGs2UWNYdnVkZ2M2fA&cppv=2
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
357301
content-length
0
expires
0
934.json
id5-sync.com/g/v2/ 		216 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/934.json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
da7a653bd7aac586c6a5b1a9940d4720b6125a7c95943ba62caae1b975ec96dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		43 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.45.6.170
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
53dd80011c5ceeb65b30091ad02c619b88d1b4e0ed2b94839efc9ab6d694af6c

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 25 Jan 2023 22:31:53 GMT
envelope
api.rlcdn.com/api/identity/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1273
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
web1_13302366-6db62aa8f97d455c8f9ea4a6dad74d04.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13302366-6db62aa8f97d455c8f9ea4a6dad74d04.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fae785ae74a733574d37c71c9c7918e8f072f1e215ca3dfb11012cdff0186c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
100
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13302366-6db62aa8f97d455c8f9ea4a6dad74d04.jpg
age
187464
edge-cache-tag
538320624722636273465801303404795201374,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag
538320624722636273465801303404795201374,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1127
req-referer
https://www.staradvertiser.com/
content-length
85062
x-request-id
135c6e225471620d4b52e9898cec91fa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200166-IAD, cache-iad-kcgs7200148-IAD, cache-bur-kbur8200033-BUR, cache-iad-kiad7000066-IAD, cache-fra-eddf8230023-FRA
last-modified
Sat, 24 Dec 2022 18:21:31 GMT
server
nginx
x-timer
S1672093913.320814,VS0,VE100
etag
"bc70af60abda306654beca745203967a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 64, 0
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
401aee906c7663f286c53a1246977e94467a7f694d05fb8732a49bc4ace4b8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
8444918
edge-cache-tag
379226829563982640636830187610323967922,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
208
expiration
expiry-date="Fri, 30 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.elgoldigital.com/
content-length
117956
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kjyo7100141-IAD, cache-bur-kbur8200038-BUR, cache-iad-kjyo7100039-IAD, cache-fra-eddf8230023-FRA
last-modified
Tue, 30 Aug 2022 07:16:12 GMT
server
nginx
x-timer
S1672093913.321718,VS0,VE0
etag
"263d315fc04d484a846a03f21f18e26f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 8029, 7978
web1_CTY-solstice-service-7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-solstice-service-7.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c36cbcb6bf61bc3a3ea76d0c720450b8ce5dc73c7c0d2d4c3b03af490f66a9d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-solstice-service-7.jpg
age
128339
edge-cache-tag
347965274776376603726782135711639503341,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag
347965274776376603726782135711639503341,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1179
req-referer
https://www.staradvertiser.com/
content-length
79472
x-request-id
6a54687bb71680c301aa54cf1c43b138
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000081-IAD, cache-iad-kiad7000052-IAD, cache-chi-kigq8000091-CHI, cache-iad-kiad7000142-IAD, cache-fra-eddf8230023-FRA
last-modified
Sun, 25 Dec 2022 10:24:49 GMT
server
nginx
x-timer
S1672093913.323497,VS0,VE1
etag
"c2211c099f4d2d73b80476c12a45c3ce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 39, 1
web1_CTY-Public-School-Lunches-3906.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-Public-School-Lunches-3906.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
632bc184220b912609666c1d4be46e24bb7940713d30398891e43b8462b4704b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-Public-School-Lunches-3906.jpg
age
212778
edge-cache-tag
463314915959672924261076141930791474981,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag
463314915959672924261076141930791474981,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
348
req-referer
https://www.staradvertiser.com/
content-length
66410
x-request-id
3da6bc7620de7cd6f8faa2fc3d8cce3c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200109-IAD, cache-iad-kiad7000087-IAD, cache-chi-klot8100158-CHI, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230023-FRA
last-modified
Sat, 24 Dec 2022 11:19:37 GMT
server
nginx
x-timer
S1672093913.324157,VS0,VE3
etag
"f978fe8f51b66b2d489cca2d7232333b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 55, 1
91983c24df66c8a10e16fe34eb43a63c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/91983c24df66c8a10e16fe34eb43a63c.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebaadb64ecb60de44e8d2a2aed6117ccb3eca77ced8b085614f2be7e93d431d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/91983c24df66c8a10e16fe34eb43a63c.jpg
age
1091783
edge-cache-tag
599184611684034657562769456902860457246,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
599184611684034657562769456902860457246,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
186
expiration
expiry-date="Mon, 09 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://buhamster.com/
content-length
90978
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200055-IAD, cache-iad-kjyo7100177-IAD, cache-sna10750-LGB, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 09 Dec 2022 15:29:02 GMT
server
nginx
x-timer
S1672093913.327089,VS0,VE1
etag
"94448e0aebea575e7f7965d779a4fc2f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 307, 1
dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5db132abc06730a17693dac1212476afd1733a95cc55f74d735a97400b2fd102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age
5739672
edge-cache-tag
570355061721211699538449521237231190296,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
570355061721211699538449521237231190296,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
112
req-referer
https://webmail.freenet.de/
content-length
13904
x-request-id
d1f2dfc24e7e63a1525b5f464ca3599b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100177-IAD, cache-iad-kiad7000022-IAD, cache-bur-kbur8200104-BUR, cache-iad-kcgs7200092-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:13:27 GMT
server
nginx
x-timer
S1672093913.331326,VS0,VE1
etag
"9deea6ace9927615027720125a83b49d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 59, 1
/
reporting.powerad.ai/ 		2 B
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
3ead58e12674808f12e79b256560081a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
800c870c48ff2e82922dbf536677ca23a8ff6a3c062c11b7979a380b9988e064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ead58e12674808f12e79b256560081a.jpg
age
3561698
edge-cache-tag
381627698217469947099100280957135315376,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
381627698217469947099100280957135315376,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
708
req-referer
https://www.readersdigest.com.au/healthsmart/beauty/skin/8-reliable-home-remedies-for-corns-and-calluses?keycode=XREM929&utm_source=Resp&utm_medium=Emailing&utm_campaign=XREM929
content-length
28370
x-request-id
43504cbc13058d9e174a8a4995940886
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100179-IAD, cache-iad-kcgs7200154-IAD, cache-sna10723-LGB, cache-iad-kiad7000123-IAD, cache-fra-eddf8230023-FRA
last-modified
Sun, 13 Nov 2022 12:57:14 GMT
server
nginx
x-timer
S1672093913.334446,VS0,VE2
etag
"5fd82915fd764e9cf3afaec5326ace96"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 68, 1
5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4dda81f160b2cb21ac6d906c80317d71bbe65171dd77a5286c1fe08e53e65cad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
age
2209484
edge-cache-tag
380020255213975030918327654955122484175,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
380020255213975030918327654955122484175,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
312
req-referer
https://7news.com.au/
content-length
61336
x-request-id
a1fdc839ab4e3843f59dfcf5f22c5276
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000122-IAD, cache-iad-kcgs7200110-IAD, cache-lga21940-LGA, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230023-FRA
last-modified
Thu, 01 Dec 2022 08:47:08 GMT
server
nginx
x-timer
S1672093913.337169,VS0,VE1
etag
"b0eb0cf48ef6839c34436685fcc64f39"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 10, 1
604f64db35ad7d8e32fc4a7cffa729ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2da7054df4b404b941992e6fe942c8c29c28d912344e8a8761152ca4f10297a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age
5134231
edge-cache-tag
380932827776598572844696039841441315722,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
380932827776598572844696039841441315722,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
88
expiration
expiry-date="Thu, 24 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://odelices.ouest-france.fr/
content-length
14914
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100031-IAD, cache-iad-kcgs7200037-IAD, cache-lga21981-LGA, cache-iad-kiad7000152-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 24 Oct 2022 10:08:09 GMT
server
nginx
x-timer
S1672093913.343371,VS0,VE1
etag
"05b856ee17d88666851f9b459e2d5d62"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 57, 1
f19eba5ecd470f379c195bc24ceeef7c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f19eba5ecd470f379c195bc24ceeef7c.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
857e1cb30adac62a9a0f5dc02883b27e2ae7db34b7b12a090f23217b21ca398d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f19eba5ecd470f379c195bc24ceeef7c.jpg
age
4746053
edge-cache-tag
573469952242949888824688778449159979012,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
573469952242949888824688778449159979012,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
683
req-referer
https://www.ynet.co.il/
content-length
20752
x-request-id
8cd51dfed271462f144b09c8dcc64288
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200146-IAD, cache-iad-kiad7000137-IAD, cache-lax10644-LGB, cache-iad-kjyo7100038-IAD, cache-fra-eddf8230023-FRA
last-modified
Sat, 29 Oct 2022 21:31:39 GMT
server
nginx
x-timer
S1672093913.343379,VS0,VE1
etag
"33f6a5a868169ea2ff644a56a0fae24d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 47, 1
web1_13302366-6db62aa8f97d455c8f9ea4a6dad74d04.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13302366-6db62aa8f97d455c8f9ea4a6dad74d04.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b608c67736d035fb50514db86b02dde8dd9f7ad54f268e1e579d91c6e94d747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13302366-6db62aa8f97d455c8f9ea4a6dad74d04.jpg
age
187494
edge-cache-tag
538320624722636273465801303404795201374,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
538320624722636273465801303404795201374,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
698
req-referer
https://www.staradvertiser.com/
content-length
111448
x-request-id
c53d8b80f4fd445f6eb97d61bc0b4d0e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100141-IAD, cache-lax10649-LGB, cache-iad-kiad7000040-IAD, cache-fra-eddf8230023-FRA
last-modified
Sat, 24 Dec 2022 18:21:31 GMT
server
nginx
x-timer
S1672093913.343371,VS0,VE91
etag
"307b435d09ec1bdb5ff5d79dddb022d6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 6, 0
web1_CTY-solstice-service-7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-solstice-service-7.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d3e61f9ccefe5f2a55ea4d9e63bc61ea7ae68c2ea9e7dc1d202938e8385e65a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
90
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-solstice-service-7.jpg
age
128343
edge-cache-tag
347965274776376603726782135711639503341,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
347965274776376603726782135711639503341,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
618
req-referer
https://www.staradvertiser.com/
content-length
104052
x-request-id
cb679cdc36c0eeaf65c7b9a4ce331174
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000153-IAD, cache-iad-kjyo7100054-IAD, cache-bur-kbur8200085-BUR, cache-iad-kjyo7100149-IAD, cache-fra-eddf8230023-FRA
last-modified
Sun, 25 Dec 2022 10:24:49 GMT
server
nginx
x-timer
S1672093913.344975,VS0,VE90
etag
"159030ae6c3c44f320ddb839f27c6151"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 0
web1_CTY-Public-School-Lunches-3906.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-Public-School-Lunches-3906.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
027be3828158951b109252168fe6a30d5c42442b441a00dbb17b4a0a1683e4c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-Public-School-Lunches-3906.jpg
age
212709
edge-cache-tag
463314915959672924261076141930791474981,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
463314915959672924261076141930791474981,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
556
req-referer
https://www.staradvertiser.com/
content-length
91912
x-request-id
9e34f2df595fd63711b8f4af952820f8
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000048-IAD, cache-iad-kiad7000095-IAD, cache-sna10743-LGB, cache-iad-kiad7000150-IAD, cache-fra-eddf8230023-FRA
last-modified
Sat, 24 Dec 2022 11:19:37 GMT
server
nginx
x-timer
S1672093913.347985,VS0,VE93
etag
"998d250a4d78ad6c9578228ebd055cbd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 10, 0
web1_13296085-e4dd6aa120e74db2b48130a105098585.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13296085-e4dd6aa120e74db2b48130a105098585.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb723ed01d6c8f307f7078090ba0cca3966183d7485ebdfac501425693adc144

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
548
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13296085-e4dd6aa120e74db2b48130a105098585.jpg
age
335212
edge-cache-tag
583430346097285776836038921310021289996,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
583430346097285776836038921310021289996,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time
429
req-referer
https://www.staradvertiser.com/
content-length
58448
x-request-id
c06af9e70c8b875dc105abc212afa505
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kcgs7200145-IAD, cache-chi-kigq8000140-CHI, cache-iad-kcgs7200073-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 23 Dec 2022 01:20:46 GMT
server
nginx
x-timer
S1672093913.353120,VS0,VE548
etag
"d0f0a15b536d465fac4fe4295c6c6c53"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 0
web1_13295719-7276d15af4094bb09d9cef8ae73df44b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13295719-7276d15af4094bb09d9cef8ae73df44b.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
235c371f1890f1f6f45d3a141e091e7fbe87985cc4ed068bd24583f5c5312e8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13295719-7276d15af4094bb09d9cef8ae73df44b.jpg
age
341903
edge-cache-tag
433730674890729626751535064078240477340,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
433730674890729626751535064078240477340,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
394
req-referer
https://www.staradvertiser.com/
content-length
37084
x-request-id
0544324f3dae04caa1b45df021724c2b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100030-IAD, cache-lax10640-LGB, cache-iad-kjyo7100109-IAD, cache-fra-eddf8230023-FRA
last-modified
Thu, 22 Dec 2022 23:25:13 GMT
server
nginx
x-timer
S1672093913.353296,VS0,VE91
etag
"3085f48e676f1053b1a77c4801e4bb5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 0
web1_AP22356040557793.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_AP22356040557793.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26eb0716c991fb9f461c3bf60f22e04dc2da8584b225ccf158d59d2f2124ccb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_AP22356040557793.jpg
age
276107
edge-cache-tag
528175054018579192754117841347903645364,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
528175054018579192754117841347903645364,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
916
req-referer
https://www.staradvertiser.com/
content-length
22180
x-request-id
dbf359ad85738de34cc127f45a8dbaea
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000038-IAD, cache-iad-kjyo7100053-IAD, cache-lax10676-LGB, cache-iad-kiad7000177-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 23 Dec 2022 16:05:42 GMT
server
nginx
x-timer
S1672093913.438759,VS0,VE92
etag
"0737e48fe70d14b68fed0c79cb357579"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 15, 0
web1_CTY-STATE-BUDGET-02.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-STATE-BUDGET-02.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91f3ff5b0eaed25fd93438182fef1843b87fd28c9e17a2e5630328d2cc55752b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-STATE-BUDGET-02.jpg
age
388816
edge-cache-tag
536239861154963026409992170938256216391,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
536239861154963026409992170938256216391,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
488
req-referer
https://www.staradvertiser.com/
content-length
34218
x-request-id
9a89081f623f624cadb8995d63c72acd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100082-IAD, cache-chi-klot8100169-CHI, cache-iad-kiad7000040-IAD, cache-fra-eddf8230023-FRA
last-modified
Thu, 22 Dec 2022 10:16:35 GMT
server
nginx
x-timer
S1672093913.449554,VS0,VE1
etag
"fa262af79a77429d80d206ef56cf3407"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 25, 1
web1_CTY-Mililani-Stabbing-0072-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-Mililani-Stabbing-0072-1.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fafe2bd7bd5389b401d7692bb191efe69c4ee9c1a7405fdeddae1e3876fbb466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_CTY-Mililani-Stabbing-0072-1.jpg
age
23328
edge-cache-tag
491243236300480044079035364743175683314,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
491243236300480044079035364743175683314,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
984
req-referer
https://www.staradvertiser.com/
content-length
36438
x-request-id
fff34b6c8d42414819e57a5d80804002
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kcgs7200055-IAD, cache-chi-klot8100145-CHI, cache-iad-kjyo7100177-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 10:27:16 GMT
server
nginx
x-timer
S1672093913.449683,VS0,VE94
etag
"7c90bf545397a9efdeb5d9bdde817c5c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 0
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
150ff5ec14b2b3f3c2bcfc27dea6fd0b70ea6a9ed4b955484b2865f5b1ae9b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
1770548
edge-cache-tag
379226829563982640636830187610323967922,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
447
expiration
expiry-date="Sat, 31 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.witn.com/
content-length
121626
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100153-IAD, cache-iad-kcgs7200096-IAD, cache-lga21925-LGA, cache-iad-kjyo7100116-IAD, cache-fra-eddf8230023-FRA
last-modified
Wed, 30 Nov 2022 19:04:02 GMT
server
nginx
x-timer
S1672093913.451352,VS0,VE1
etag
"263d315fc04d484a846a03f21f18e26f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3604, 1
5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
652f458f5a6b950fa7f5202c7f09758a1efb5863a10ba085181214449d8d29f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d6b03f19cc1f23aa1ce22a436c36e97.jpeg
age
2196984
edge-cache-tag
380020255213975030918327654955122484175,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
380020255213975030918327654955122484175,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
305
req-referer
https://www.foxsports.com/
content-length
68844
x-request-id
5048c3209ee9103dca2bf39e51609db7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200070-IAD, cache-iad-kcgs7200159-IAD, cache-lga21970-LGA, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230023-FRA
last-modified
Thu, 01 Dec 2022 08:47:09 GMT
server
nginx
x-timer
S1672093913.452125,VS0,VE1
etag
"d59a60e94d929d7a07f81510710e9040"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2001, 1
web1_TKTK22-WEB-Honolulu-lifeguard-seal.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_TKTK22-WEB-Honolulu-lifeguard-seal.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91aa267bac62e97e85ef74c1bc3bfa1aab24fa487d3e95540d290527dc4a0c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_TKTK22-WEB-Honolulu-lifeguard-seal.jpg
age
49832
edge-cache-tag
392196933274782885535836204969334632212,320197154429204532661449260201797071578,29ecf9b93bbf306179626feeda1fab70
cache-tag
392196933274782885535836204969334632212,320197154429204532661449260201797071578,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
778
req-referer
https://www.staradvertiser.com/
content-length
20048
x-request-id
9b104f0545a4cd38e1e32b4696dc4fa6
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100141-IAD, cache-bur-kbur8200082-BUR, cache-iad-kiad7000112-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 04:01:30 GMT
server
nginx
x-timer
S1672093913.488364,VS0,VE89
etag
"333e4453ffda4026b66fc7446f04ad01"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 0
web1_20221226-RIVER-Letter.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_20221226-RIVER-Letter.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b0180902e08f439c9c0f31fab4bee48c0c40243ffe3a26449e55cef014713a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
884
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_20221226-RIVER-Letter.jpg
age
0
edge-cache-tag
509021674085257385907533410081425239223,320197154429204532661449260201797071578,29ecf9b93bbf306179626feeda1fab70
cache-tag
509021674085257385907533410081425239223,320197154429204532661449260201797071578,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time
727
req-referer
https://www.staradvertiser.com/
content-length
11680
x-request-id
f7047c304fddf88e2fe58f862ffe9ba1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200146-IAD, cache-iad-kcgs7200060-IAD, cache-bur-kbur8200026-BUR, cache-iad-kjyo7100090-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 15:40:26 GMT
server
nginx
x-timer
S1672093913.490376,VS0,VE884
etag
"599f5d5a0f71a69aec1ea4a19bc12074"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
91983c24df66c8a10e16fe34eb43a63c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/91983c24df66c8a10e16fe34eb43a63c.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91dd0a811c7aea7a1dc469590d17197e2d60523516f0ffcd37a182cd6d09aa34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/91983c24df66c8a10e16fe34eb43a63c.jpg
age
1090514
edge-cache-tag
599184611684034657562769456902860457246,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
599184611684034657562769456902860457246,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
345
req-referer
https://www.salgoonews.com/
content-length
32970
x-request-id
55e75a682c24776756b2714db595a949
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kcgs7200155-IAD, cache-bur-kbur8200083-BUR, cache-iad-kiad7000169-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 09 Dec 2022 15:22:25 GMT
server
nginx
x-timer
S1672093913.490467,VS0,VE1
etag
"a04f013c2157a1e8f02a30df0a3feae4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 101, 1
dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
436051b6c166a58e2fdb34c60fa2f776ac0f577ce07e5bdd894abf677eb096df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age
5737607
edge-cache-tag
570355061721211699538449521237231190296,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
570355061721211699538449521237231190296,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
98
req-referer
https://elgoog.im/
content-length
13630
x-request-id
e6747dbb9e572a76e8f2a2abe4cdcb2d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000113-IAD, cache-iad-kcgs7200055-IAD, cache-bur-kbur8200020-BUR, cache-iad-kiad7000147-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:13:27 GMT
server
nginx
x-timer
S1672093913.498981,VS0,VE1
etag
"47074af163e5574eef2173ffeb469c55"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 88, 1
web1_13296511-42d0d6c2f805476b9af8c9f91d078502.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13296511-42d0d6c2f805476b9af8c9f91d078502.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
012197f49fa92d2e1c4c410da25e30569ee824b4f240d9336185b4c122f843a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
96
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13296511-42d0d6c2f805476b9af8c9f91d078502.jpg
age
326756
edge-cache-tag
577307626697017752598414122224304957672,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
577307626697017752598414122224304957672,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1197
req-referer
https://www.staradvertiser.com/
content-length
84346
x-request-id
d047a5709390357a4f8679a4aa1d3c30
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100097-IAD, cache-iad-kcgs7200143-IAD, cache-sna10749-LGB, cache-iad-kcgs7200029-IAD, cache-fra-eddf8230023-FRA
last-modified
Fri, 23 Dec 2022 01:51:14 GMT
server
nginx
x-timer
S1672093914.520926,VS0,VE96
etag
"e0739762bbb5def156be0c01baa6cd99"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9, 0
web1_13304757-174cc85650974a26ad3047527fdc52f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13304757-174cc85650974a26ad3047527fdc52f4.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61941173dcfc7de658982eead1f056ec900d254daa9c7eded3360dddf074750a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1333
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2022/12/web1_13304757-174cc85650974a26ad3047527fdc52f4.jpg
age
0
edge-cache-tag
358570781652946004206652919590255827060,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
358570781652946004206652919590255827060,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time
1166
req-referer
https://www.staradvertiser.com/
content-length
63040
x-request-id
3bb25730fa40de0d32b08ee933a12772
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200149-IAD, cache-bur-kbur8200111-BUR, cache-iad-kiad7000120-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 19:19:21 GMT
server
nginx
x-timer
S1672093914.596469,VS0,VE1333
etag
"df4a20186bdbb9747a5039fea48c8b5e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
map
bcp.crwdcntrl.net/6/ 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e61507cf8e9d794ea630b735740b44d102089dbf0aef8afe21827efa99d5b337

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.45.0.62
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame E7DC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:53 GMT
server
Kestrel
server-processing-duration-in-ticks
723016
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 5978 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gfp0av1xg3tn0c7z952162zeffzcznqzsx46kvjtd3h93ggsy7h7452w6c487nm92341d7cb91q7fzdsbwpvhj3dx3jnmfk0284mjczbs8g384cmh7axkz716fvj0f7pb6mh7acmsrmta5xwegqqmdd2zjay1mf4cfzbm2crhvpkqx5bawk7qeay3amvb898d3j48vk0gbzneqhcrp64g35s35rtb694gc6zn71d9a78xhefasscv1erns6jtk9d5rbat6rr6jsvqh0m2f2ffxe3jrax962ks10751nsdjrz0vmkmndw30718hhrmyf0tn32f568m0cmx55enag4qr21avj2wbj13pw7gtdtbgv4s40n0t0h6rt0xg5f9sj8a10kj9kdymyfwgz09a4jh90ye3bca1436fkqdv9hctw3pc2j6mf4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gfp0av1xg3tn0c7z952162zeffzcznqzsx46kvjtd3h93ggsy7h7452w6c487nm92341d7cb91q7fzdsbwpvhj3dx3jnmfk0284mjczbs8g384cmh7axkz716fvj0f7pb6mh7acmsrmta5xwegqqmdd2zjay1mf4cfzbm2crhvpkqx5bawk7qeay3amvb898d3j48vk0gbzneqhcrp64g35s35rtb694gc6zn71d9a78xhefasscv1erns6jtk9d5rbat6rr6jsvqh0m2f2ffxe3jrax962ks10751nsdjrz0vmkmndw30718hhrmyf0tn32f568m0cmx55enag4qr21avj2wbj13pw7gtdtbgv4s40n0t0h6rt0xg5f9sj8a10kj9kdymyfwgz09a4jh90ye3bca1436fkqdv9hctw3pc2j6mf4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
1158279
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k21%2FflspE7YP5zwz2EGG7BkYokqvXhpV7CSCk00SfOiJOFqL%2Fy14ip0u5LDODOniYdtoKzOYkdr7AilvU%2FlqBQ5UiDk4E9HuwdJcE%2FRENWRG2u5yf3IZm4nPVpCh9zteng4ZB2ZotYw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77fd44eedf5f912e-FRA
expires
Mon, 26 Dec 2022 23:31:53 GMT
r62eglto.js
ad4m.at/ Frame 5978 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gfp0av1xg3tn0c7z952162zeffzcznqzsx46kvjtd3h93ggsy7h7452w6c487nm92341d7cb91q7fzdsbwpvhj3dx3jnmfk0284mjczbs8g384cmh7axkz716fvj0f7pb6mh7acmsrmta5xwegqqmdd2zjay1mf4cfzbm2crhvpkqx5bawk7qeay3amvb898d3j48vk0gbzneqhcrp64g35s35rtb694gc6zn71d9a78xhefasscv1erns6jtk9d5rbat6rr6jsvqh0m2f2ffxe3jrax962ks10751nsdjrz0vmkmndw30718hhrmyf0tn32f568m0cmx55enag4qr21avj2wbj13pw7gtdtbgv4s40n0t0h6rt0xg5f9sj8a10kj9kdymyfwgz09a4jh90ye3bca1436fkqdv9hctw3pc2j6mf4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
576813
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzfBcWvoiy%2BU8UY9XXLgRFUIR2lJFTIy6TVFEPkn23IZ3tJKh%2B%2Fmdw13J8UVtZRhH3xsEdn5UUtN8ocK%2FVUya32vfd0%2F1nLhx%2B5wbly3J5CWGJchqFR%2B5lDYE45Zdda%2FGV%2F8Hg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77fd44eeea0a9bb3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 06:18:10 GMT
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:52 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 0B23 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gg8b1yqqy0v1f6b3fhg9sg0yxxyne5cvep6q2zq7v6s6btdm7fc4z9stxbap1e82sc3njsk8r3t6ytkgv5m63e2yytd1pv7gs4wj5j4b5r4rbgvnm1n7jmmkxs0xcbe44xx5976wmewxc0xf141atc6vp6xwh1d8rgnt4xqsqvydr14dqbryn482at046z9cncs5ctw141ss69ya7910j7rrm9xp92mbve5qn5b3p92p6y1hrpeevkcgxcr7xdn6z3tp6rgyy6hm7xffnamt7g9kcj0t7f2wk3ndq44rn79wkcdxrgcgx9fm3nky5pne6j128n6tcgkw315bm5nds3s0xeq9h5apqtqfgqhh4nwb0yxqyf9jnncsx9jmv6tmzjqwbbr32y3b7g7dqg7sqtwdpz92217c6cq1krnypx7gdfkz7y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gg8b1yqqy0v1f6b3fhg9sg0yxxyne5cvep6q2zq7v6s6btdm7fc4z9stxbap1e82sc3njsk8r3t6ytkgv5m63e2yytd1pv7gs4wj5j4b5r4rbgvnm1n7jmmkxs0xcbe44xx5976wmewxc0xf141atc6vp6xwh1d8rgnt4xqsqvydr14dqbryn482at046z9cncs5ctw141ss69ya7910j7rrm9xp92mbve5qn5b3p92p6y1hrpeevkcgxcr7xdn6z3tp6rgyy6hm7xffnamt7g9kcj0t7f2wk3ndq44rn79wkcdxrgcgx9fm3nky5pne6j128n6tcgkw315bm5nds3s0xeq9h5apqtqfgqhh4nwb0yxqyf9jnncsx9jmv6tmzjqwbbr32y3b7g7dqg7sqtwdpz92217c6cq1krnypx7gdfkz7y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
1158279
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcfDo1D8CdQrsPoom%2F7YVrzXJXCKWD3R2HBrM1pRmQmVoXrjEP32OcsztDGFRl2Fu3f3UrdjzLgrTXus5cRSLPXbV2USKY1LhJJ2AbXHA5Kh7RSUxxFekkHrjjbdCCAS%2BT38be9XgnY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77fd44ef380e912e-FRA
expires
Mon, 26 Dec 2022 23:31:53 GMT
r62eglto.js
ad4m.at/ Frame 0B23 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gg8b1yqqy0v1f6b3fhg9sg0yxxyne5cvep6q2zq7v6s6btdm7fc4z9stxbap1e82sc3njsk8r3t6ytkgv5m63e2yytd1pv7gs4wj5j4b5r4rbgvnm1n7jmmkxs0xcbe44xx5976wmewxc0xf141atc6vp6xwh1d8rgnt4xqsqvydr14dqbryn482at046z9cncs5ctw141ss69ya7910j7rrm9xp92mbve5qn5b3p92p6y1hrpeevkcgxcr7xdn6z3tp6rgyy6hm7xffnamt7g9kcj0t7f2wk3ndq44rn79wkcdxrgcgx9fm3nky5pne6j128n6tcgkw315bm5nds3s0xeq9h5apqtqfgqhh4nwb0yxqyf9jnncsx9jmv6tmzjqwbbr32y3b7g7dqg7sqtwdpz92217c6cq1krnypx7gdfkz7y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
576813
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENNyBqtlnmRgNVkVjqFPNMX71e%2Few2jlKzxq3nj%2Fk186ge8IEBJ9xqHEf0h%2B72w3Q8u82XU0GLwgh9TyzyZdajaR4OqkYmnTuqAd7rL8dAqreBWyMHN1hj7NdAuNxUwoo75Dp3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77fd44ef3811912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 06:18:10 GMT
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97de9855315e79e11b1846eb5916add111780cf70cae332283ae5479ac8cca72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46137
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Dec 2022 22:31:53 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame FFA1 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxshhgwhj8kn4xn630nn7j1cwwctf8tem3f2ykqgz6nk4ygjhagb8vtq8j4t9kpm99tn712w9gw6ygfs5112bytdmr598tvmb4p9n4ve33w5k6q99pvqgkek895hy1gkn3rhab6vmfvcq6qwjjfcy0aas1vqtjdxjckvmnjc49dr7scegxvjsdk1mtsmpnyf6taj93c5v0gssn2ktpp6bdb5pf5gpzzxjrf5a21ewr82zs3q86p4ctz7xnxtxrwhz2rhpg220ejptpf85k0mzbha86ejramcmckem9xkwwds3q7635e62myf3hyxxj8wxwxyh4fx75hkgfbdabajc21rh7n8hdyx6qfr1r9q0mje5qc2pjqnsn5prg3bnkqwycs0n7q4n8dbq0p15nb6mdqtcvtnqq3tds9r7qvdhrghx58xjpc8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kxshhgwhj8kn4xn630nn7j1cwwctf8tem3f2ykqgz6nk4ygjhagb8vtq8j4t9kpm99tn712w9gw6ygfs5112bytdmr598tvmb4p9n4ve33w5k6q99pvqgkek895hy1gkn3rhab6vmfvcq6qwjjfcy0aas1vqtjdxjckvmnjc49dr7scegxvjsdk1mtsmpnyf6taj93c5v0gssn2ktpp6bdb5pf5gpzzxjrf5a21ewr82zs3q86p4ctz7xnxtxrwhz2rhpg220ejptpf85k0mzbha86ejramcmckem9xkwwds3q7635e62myf3hyxxj8wxwxyh4fx75hkgfbdabajc21rh7n8hdyx6qfr1r9q0mje5qc2pjqnsn5prg3bnkqwycs0n7q4n8dbq0p15nb6mdqtcvtnqq3tds9r7qvdhrghx58xjpc8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
1158279
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5sU3XCCIWe3uZ2prmaBbY61FZETHDF590hanN1qYxrC3kUmbFCNYkekldJyWRL2W4aKlsVwHsx3%2BLkEN5rh9glE1wQzSkMpwZVJLjf6ybFcvY4Mf006fb6nTZJcdvw%2F9sZjRjXQFOw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77fd44ef686c912e-FRA
expires
Mon, 26 Dec 2022 23:31:53 GMT
r62eglto.js
ad4m.at/ Frame FFA1 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxshhgwhj8kn4xn630nn7j1cwwctf8tem3f2ykqgz6nk4ygjhagb8vtq8j4t9kpm99tn712w9gw6ygfs5112bytdmr598tvmb4p9n4ve33w5k6q99pvqgkek895hy1gkn3rhab6vmfvcq6qwjjfcy0aas1vqtjdxjckvmnjc49dr7scegxvjsdk1mtsmpnyf6taj93c5v0gssn2ktpp6bdb5pf5gpzzxjrf5a21ewr82zs3q86p4ctz7xnxtxrwhz2rhpg220ejptpf85k0mzbha86ejramcmckem9xkwwds3q7635e62myf3hyxxj8wxwxyh4fx75hkgfbdabajc21rh7n8hdyx6qfr1r9q0mje5qc2pjqnsn5prg3bnkqwycs0n7q4n8dbq0p15nb6mdqtcvtnqq3tds9r7qvdhrghx58xjpc8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
576813
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1pIcwxqRk95Q2%2BxGkqy7cvA4bj5bN8VVsZzVjoQf1KLY8Ao2gsHBz21diaqe5%2Fs6a4o7f9kIzyzszGYlTUMdMYogDLIB32%2BqBVofZwaiNY2dnTCAEn%2FFh55KbxxkhoyfYohkbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77fd44ef686d912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 06:18:10 GMT
vjf6xlw9ustjg7nlla3a.mp4
cdn.taboola.com/libtrc/static/video/v1657201303/ 		896 KB
897 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1657201303/vjf6xlw9ustjg7nlla3a.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7907756e42e9579e361a3bac3fed17167a0e378023cbf8f79abb83c08e3c0159

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
6vV0Z2kcr9IqWfGTxGFYQOEFb8nA1vAp
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
3EX9X0BZ41Z3RZ44
age
117
x-cache
HIT
Content-Range
bytes 0-917260/917261
x-amz-replication-status
COMPLETED
Content-Length
917261
x-amz-id-2
l5doLRKjxkw5Y26cv1OU8XMN94c3sdfrm6A6tviObeNy196Xw5b9djNgekRoQlsBEk4NcWy37zM=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 07 Jul 2022 13:41:50 GMT
server
AmazonS3
x-timer
S1672093914.522041,VS0,VE1
etag
"72cebb60fabc4dbf2e155454b078a940"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
b5vabxhqezog1arnt7m2.mp4
cdn.taboola.com/libtrc/static/video/v1666339887/ 		866 KB
867 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1666339887/b5vabxhqezog1arnt7m2.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
5M7lg4hT5Uad0mDq7OgxKTYCwbmsYE9q
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
ZDJSVA1C8GEKY51D
age
78
x-cache
HIT
Content-Range
bytes 0-886582/886583
x-amz-replication-status
COMPLETED
Content-Length
886583
x-amz-id-2
bCHRROjHQ8KqfdNY9+rKxBUvyIQJAfVv1VnM8uRpXRizC8+UJgrOsUAz3a4PVQElov4ZFTc62rTepkQ3p5hdqA==
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:11:39 GMT
server
AmazonS3
x-timer
S1672093914.522638,VS0,VE1
etag
"1b5ebbbf450bb3defa14aad23cc92811"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sgkvo1esy2cwnzjt0t5f.mp4
cdn.taboola.com/libtrc/static/video/v1665745830/ 		750 KB
751 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1665745830/sgkvo1esy2cwnzjt0t5f.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c6a9ccc522188d4745ca6d4ff809131467bcad0e3c925085b71960e9771ac45

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
VYgQChJXkXnd6pcfFD5w6j04XmEFKZzq
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
SC77EY61QC7Y5EC1
age
1
x-cache
HIT
Content-Range
bytes 0-768361/768362
x-amz-replication-status
COMPLETED
Content-Length
768362
x-amz-id-2
lVkaJ4U/3DsB5/jd/Y40JjKRlDnHbuyL6/V+qFvZnRmmp7VFEUc0Mgb6jV9E9QtQHnYJgKlYi6Q=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 14 Oct 2022 11:10:40 GMT
server
AmazonS3
x-timer
S1672093914.524920,VS0,VE1
etag
"c84efd6e185e0397c0d3a079e5f0dc6f"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
vjf6xlw9ustjg7nlla3a.mp4
cdn.taboola.com/libtrc/static/video/v1657201303/ 		896 KB
897 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1657201303/vjf6xlw9ustjg7nlla3a.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7907756e42e9579e361a3bac3fed17167a0e378023cbf8f79abb83c08e3c0159

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
6vV0Z2kcr9IqWfGTxGFYQOEFb8nA1vAp
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
3EX9X0BZ41Z3RZ44
age
117
x-cache
HIT
Content-Range
bytes 0-917260/917261
x-amz-replication-status
COMPLETED
Content-Length
917261
x-amz-id-2
l5doLRKjxkw5Y26cv1OU8XMN94c3sdfrm6A6tviObeNy196Xw5b9djNgekRoQlsBEk4NcWy37zM=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 07 Jul 2022 13:41:50 GMT
server
AmazonS3
x-timer
S1672093914.527169,VS0,VE1
etag
"72cebb60fabc4dbf2e155454b078a940"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
ibe6wcawtax2helellpx.mp4
cdn.taboola.com/libtrc/static/video/v1671107679/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1671107679/ibe6wcawtax2helellpx.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
333f4d53b1d26d4f5ef139b78fba09185bd661575cb2406d1d08f4232f5a7bba

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ePxAXOVAMlcplIPm8r9BkN5tUZL0sVcz
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
5RW6529DKD2TY36A
age
64
x-cache
HIT
Content-Range
bytes 0-1095106/1095107
x-amz-replication-status
COMPLETED
Content-Length
1095107
x-amz-id-2
I9aTwpdERfIipQ6hCkyVyFJw1l02dlvspZap8p0cvDEUkLUSnX7+GPIvW0vX1E5eCemAN2VGb2s=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 15 Dec 2022 12:34:45 GMT
server
AmazonS3
x-timer
S1672093914.527789,VS0,VE1
etag
"027a1e3bb4feb34832dfcd5f1c536a7c"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame DC76 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Dec 2023 21:12:33 GMT
b5vabxhqezog1arnt7m2.mp4
cdn.taboola.com/libtrc/static/video/v1666339887/ 		866 KB
867 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1666339887/b5vabxhqezog1arnt7m2.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
5M7lg4hT5Uad0mDq7OgxKTYCwbmsYE9q
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
ZDJSVA1C8GEKY51D
age
78
x-cache
HIT
Content-Range
bytes 0-886582/886583
x-amz-replication-status
COMPLETED
Content-Length
886583
x-amz-id-2
bCHRROjHQ8KqfdNY9+rKxBUvyIQJAfVv1VnM8uRpXRizC8+UJgrOsUAz3a4PVQElov4ZFTc62rTepkQ3p5hdqA==
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:11:39 GMT
server
AmazonS3
x-timer
S1672093914.537718,VS0,VE1
etag
"1b5ebbbf450bb3defa14aad23cc92811"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sgkvo1esy2cwnzjt0t5f.mp4
cdn.taboola.com/libtrc/static/video/v1665745830/ 		750 KB
751 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1665745830/sgkvo1esy2cwnzjt0t5f.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c6a9ccc522188d4745ca6d4ff809131467bcad0e3c925085b71960e9771ac45

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
VYgQChJXkXnd6pcfFD5w6j04XmEFKZzq
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
SC77EY61QC7Y5EC1
age
1
x-cache
HIT
Content-Range
bytes 0-768361/768362
x-amz-replication-status
COMPLETED
Content-Length
768362
x-amz-id-2
lVkaJ4U/3DsB5/jd/Y40JjKRlDnHbuyL6/V+qFvZnRmmp7VFEUc0Mgb6jV9E9QtQHnYJgKlYi6Q=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 14 Oct 2022 11:10:40 GMT
server
AmazonS3
x-timer
S1672093914.537736,VS0,VE1
etag
"c84efd6e185e0397c0d3a079e5f0dc6f"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sbfcvda1gqwcij41gdnv.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/ 		303 KB
303 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/sbfcvda1gqwcij41gdnv.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
NHwYfLNYVEAbRmtYbe2mDdvej_0WkCnZ
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
DB4CPE1SKFMMFFDC
age
50
x-cache
HIT
Content-Range
bytes 0-310206/310207
x-amz-replication-status
COMPLETED
Content-Length
310207
x-amz-id-2
1+5b8A5cJkTqeExu2ZwtUfvGpEOd+/Y/eNtDey2XC37XBpoRkwD0BP2TTMX/OrB4FMK6EECCpQc=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Wed, 15 Jun 2022 10:44:31 GMT
server
AmazonS3
x-timer
S1672093914.539446,VS0,VE1
etag
"c54599e9c7c442de75cbb6db4644fb1e"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
photo-1519076976365-9c64dbd98317
images.unsplash.com/ Frame 3C19 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1519076976365-9c64dbd98317?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDEwfHxjaGlsZCUyMHBsYXlpbmclMjBwaWFub3xlbnwwfHx8fDE2NTQ2NjgyMTA&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::720 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a9c4b27ce87b2ada6e74a94e31cf34c2f3e14add900dcf2f93c2ef5de020d73f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
age
5402290
x-cache
HIT, HIT
x-imgix-id
9fbe1e1ea2ebe9d08766ffe383ce5070665b7bdf
cross-origin-resource-policy
cross-origin
content-length
30633
x-served-by
cache-sjc10034-SJC, cache-vie6380-VIE
x-imgix-render-farm
01.1104
last-modified
Tue, 25 Oct 2022 09:53:42 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
x-imgix-original-status
200
vjf6xlw9ustjg7nlla3a.mp4
cdn.taboola.com/libtrc/static/video/v1657201303/ 		896 KB
897 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1657201303/vjf6xlw9ustjg7nlla3a.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7907756e42e9579e361a3bac3fed17167a0e378023cbf8f79abb83c08e3c0159

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
6vV0Z2kcr9IqWfGTxGFYQOEFb8nA1vAp
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
3EX9X0BZ41Z3RZ44
age
117
x-cache
HIT
Content-Range
bytes 0-917260/917261
x-amz-replication-status
COMPLETED
Content-Length
917261
x-amz-id-2
l5doLRKjxkw5Y26cv1OU8XMN94c3sdfrm6A6tviObeNy196Xw5b9djNgekRoQlsBEk4NcWy37zM=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 07 Jul 2022 13:41:50 GMT
server
AmazonS3
x-timer
S1672093914.544181,VS0,VE1
etag
"72cebb60fabc4dbf2e155454b078a940"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
ibe6wcawtax2helellpx.mp4
cdn.taboola.com/libtrc/static/video/v1671107679/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1671107679/ibe6wcawtax2helellpx.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ePxAXOVAMlcplIPm8r9BkN5tUZL0sVcz
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
5RW6529DKD2TY36A
age
64
x-cache
HIT
Content-Range
bytes 0-1095106/1095107
x-amz-replication-status
COMPLETED
Content-Length
1095107
x-amz-id-2
I9aTwpdERfIipQ6hCkyVyFJw1l02dlvspZap8p0cvDEUkLUSnX7+GPIvW0vX1E5eCemAN2VGb2s=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 15 Dec 2022 12:34:45 GMT
server
AmazonS3
x-timer
S1672093914.546680,VS0,VE1
etag
"027a1e3bb4feb34832dfcd5f1c536a7c"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
b5vabxhqezog1arnt7m2.mp4
cdn.taboola.com/libtrc/static/video/v1666339887/ 		866 KB
867 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1666339887/b5vabxhqezog1arnt7m2.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
5M7lg4hT5Uad0mDq7OgxKTYCwbmsYE9q
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 varnish
x-amz-request-id
ZDJSVA1C8GEKY51D
age
78
x-cache
HIT
Content-Range
bytes 0-886582/886583
x-amz-replication-status
COMPLETED
Content-Length
886583
x-amz-id-2
bCHRROjHQ8KqfdNY9+rKxBUvyIQJAfVv1VnM8uRpXRizC8+UJgrOsUAz3a4PVQElov4ZFTc62rTepkQ3p5hdqA==
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:11:39 GMT
server
AmazonS3
x-timer
S1672093914.547704,VS0,VE1
etag
"1b5ebbbf450bb3defa14aad23cc92811"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
truncated
/ Frame 198D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8add84858b5c827bd404d6828b1216f96c813bc81bb383f744877dd8912d736

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 198D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHssZpTxEh2B_gjN8YcIc8inh9DnOBVXCypjHPHcYg755j3vlIlr2Qd5fYUdR_1oN-ZzyDZ91kgehJ4ZtKnlMVqoFifrw13SutF0DbIZVFyS_4-RMpwQiQ5LF5Q0b_c_YCfh2ayxvEShFJ2cyvOie0AuBkhuBJIrxKLKKf8QcaXrCsKfaOQyjgcVjW4CP8r7WUIa54PWtxcS9NI-aQc4luH40bWHIRitA7BKTVQyKT6kVqTM620p8TJw6xUTY8Ar8lIkQysiZlbAPINbmSudjUvQ45TNj0LmJRaQDeL6duONHqPYfkITyzAokvcWHaG7COn1uQ1ghmmW_6PJmfOShFRH0NjZNtgJq89nqp&sai=AMfl-YTDCbXThzSQx-VA0Ol8_K8m4K0cNdY-YkjtNGv80OeVKLQfueUK_iMrw75D7ZGdFn8QMO2pBEtku5OZaLWtvPNDDMfWK09g7l_WoXDjg30quHwQyEwxafdjImkUIgIP&sig=Cg0ArKJSzLrKMC3QGJY_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:53 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 198D 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=696954
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUbpdY1HFdOZseO60piNsHJw2%2Bv%2FjnkOE631sJSc71iEc0p%2BzkOvVFEMpuCdtOf7uwmiNnrWo6q9dbosRUR6QyRORsZAAxGqIyCJ5yMebMbc2Nf%2B1SUkupY%2FaPPqQ%2FkISuN1Lhmh9y%2Fap5cd5ORZ9Htscg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f02e1f9a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjKeePE76SQBnebB
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yqkVGnxKK01hSk92cFdad3haVzNPTTk5cERIN3p3QWlyUkhuM0dkaXBEdTgvSzEvc1hZT0lKWG4xZWJZVUhmNmRKSVJEYVpoV2Y5dXF6K3V5NkNrdWkzV3JsUHZhcmphZ25Ra3hyN2ptUXF6UnJPQU9FZloxckx6a3IvMDVydjFYRHFIRm5DajVvZ09OUUlxbnUya2tNcTZzTmttdzk2VTY3V2hIN0tjV1hHWTJnN1o2NWNwS3AyeE96Nmxjc3VkdWVQTVdHaHlkRkpPbTBWa01nNjFzUHEwYlJTR293Y1h5ekZnMHVHZE5SWWRDQlJPMEVNbVFjTnQ5SGs2UWNYdnVkZ2M2fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 26 Dec 2022 22:31:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
586593
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 4866 		26 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1672093913628&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=a7e57d00-b25a-4578-b511-243887fcdf5a&dtm=1672093912803&vp=300x250&ds=300x250&vid=1&sid=e5a10bc5-920c-4f41-a0dc-71643c8c79c3&duid=51094852-2df2-4d3b-997f-e31d5172dca0&fp=983239506&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYjExN2M5YTctYzQzOC00MWJjLWE4OTctMmY5MTg5ODUxMjJhIiwiYmlkIjoiMWU5OWI4N2YtOGZiYi00ZWM2LWFjYWMtNWExMjE2NmU1YzY1IiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
server
Google Frontend
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
x-powered-by
Express
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
464123d96b992ea84fb1563c555a0337
function-execution-id
iobvwqhail5d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1604908176997-125f25cc6f3d
images.unsplash.com/ Frame 4866 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1604908176997-125f25cc6f3d?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDI2fHxjaGluZXNlJTIwZm9vZHxlbnwwfHx8fDE2NjgzMTkyNTc&ixlib=rb-4.0.3&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::720 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
779f952cd430c10a7c1c89067e94a39b3ef4e4f336e25e0a52b80bb923747078
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
age
3774402
x-cache
HIT, HIT
x-imgix-id
518a5a8425c852ed278092f5868406b590dce38e
cross-origin-resource-policy
cross-origin
content-length
94494
x-served-by
cache-sjc10077-SJC, cache-vie6380-VIE
x-imgix-render-farm
01.584
last-modified
Sun, 13 Nov 2022 06:05:12 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
x-imgix-original-status
200
94f3b1f1-f0fc-4500-8f92-712001c50999
https://www.staradvertiser.com/ Frame 198D 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/94f3b1f1-f0fc-4500-8f92-712001c50999
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame EC42 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=364314
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdj57jZO9537%2FqQRiMGXU5XznCNvuUJOh7fmFEpTFwMkChddEW%2FMNGMWS18FglHav10%2FiZsfgTkjkT6iyxmDL6%2FL4PKkqlKxk4b9IKBFRJKIEK%2BhLLBIp6llznERCVMJ6zlktSfJwYLlOMV7MXWLxDiNkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f07ea49a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjXO4_O1B8YAUmsR
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 1570 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=425138
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjGKEbtEgqfEQx9W4%2BbPJ6MNNUe%2BehoJ9M%2FPVzVug54Sz3J5lo%2BpKkP8EykUl5jHFRlymyumv7x85mNsjAwUBzEXewV4gBLxzRnuAXAZe4LwNYG1KbpfTkOcDAmwheRwsxT0kfjAHE3TZVppdHEcR%2BoVvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f07ec09a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjXZe4yhzPoB52-R
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 626B 		0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=101152
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3P5qyJE5N3%2BvIwPxyTZNRYxHhnsWsV9F5uu69cRCrwRf9Ym1qYV1MD2cSHSEwjop9y%2BVfOG82OsGUizGTI5tAsHzECURdUuJFiPCq4Zcpr%2BQBUqYGPpauR13H11%2BqsjQEPoi%2F7Fl1oOD48AR%2FlXdbDUOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f09ee19a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjb-qBD01MwAcHSi
google
match.adsrvr.org/track/cmf/ Frame D5E4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKQi_bzj8lmwcRAEMxPvOwk&google_cver=1&google_push=AavPq0OTv12ZrV1dZl_M0TB0UInGESO7kFhfWH56fW72aGSnmpus3Xla_057cCfynHdYs3IETV0VmEV1vSZ1ZKlhmjRo_5uQlA
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D5E4
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEZSJ7d0RIXhtRQuvvx8ZaA&google_cver=1&google_push=AavPq0P8B5MOzgUPfk7JoPYKJGD08VLqTb08AkWd_sq-Jt3OBsxEe4kgpBsIEJtl4Kg9FovhDr6g12rV1bF...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P8B5MOzgUPfk7JoPYKJGD08VLqTb08AkWd_sq-Jt3OBsxEe4kgpBsIEJtl4Kg9FovhDr6g12rV1bF1gCv9hmx5ZrLQPjo&google_hm=AqYTITy-QuyRyv2ROx1G1Ys
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P8B5MOzgUPfk7JoPYKJGD08VLqTb08AkWd_sq-Jt3OBsxEe4kgpBsIEJtl4Kg9FovhDr6g12rV1bF1gCv9hmx5ZrLQPjo&google_hm=AqYTITy-QuyRyv2ROx1G1Ys
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P8B5MOzgUPfk7JoPYKJGD08VLqTb08AkWd_sq-Jt3OBsxEe4kgpBsIEJtl4Kg9FovhDr6g12rV1bF1gCv9hmx5ZrLQPjo&google_hm=AqYTITy-QuyRyv2ROx1G1Ys
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5E4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEI4IQXgXMutxdVQQSYC9x-w&google_cver=1&google_push=AavPq0MeB9H6rP1s3f5QOvqLhMgwg5fBuJniWjphuTpm9LMJaUriSSR1NC2hxxp6jdi3g_slE2Wmh9P_w3-eCRZe...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mJrunkyNSFmjL60TO3Vkfg2&google_push=AavPq0MeB9H6rP1s3f5QOvqLhMgwg5fBuJniWjphuTpm9LMJaUriSSR1NC2hxxp6jdi3g_slE2Wmh9P_w3-eCRZeq6BeKeBCllo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mJrunkyNSFmjL60TO3Vkfg2&google_push=AavPq0MeB9H6rP1s3f5QOvqLhMgwg5fBuJniWjphuTpm9LMJaUriSSR1NC2hxxp6jdi3g_slE2Wmh9P_w3-eCRZeq6BeKeBCllo
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mJrunkyNSFmjL60TO3Vkfg2&google_push=AavPq0MeB9H6rP1s3f5QOvqLhMgwg5fBuJniWjphuTpm9LMJaUriSSR1NC2hxxp6jdi3g_slE2Wmh9P_w3-eCRZeq6BeKeBCllo
x-host
tde-deliveryengine-production-769c9db745-7tbbj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D5E4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOwMMqYlvshpcE4oqset-M8&google_cver=1&google_push=AavPq0Mu5uONfubiePI_rxEYm7PMWhgzheUPijJ4MVN4Ly2Xh6pBo21RRNLIXbVdUW5dqt1GH62xdAY3cCddiQuLZwgJUlL...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mu5uONfubiePI_rxEYm7PMWhgzheUPijJ4MVN4Ly2Xh6pBo21RRNLIXbVdUW5dqt1GH62xdAY3cCddiQuLZwgJUlLTd8E&google_hm=eS1aVkhhRGlORTJwR1FsazN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mu5uONfubiePI_rxEYm7PMWhgzheUPijJ4MVN4Ly2Xh6pBo21RRNLIXbVdUW5dqt1GH62xdAY3cCddiQuLZwgJUlLTd8E&google_hm=eS1aVkhhRGlORTJwR1FsazN3VV9BLl9uTnp4bkRBTlhWZH5B
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mu5uONfubiePI_rxEYm7PMWhgzheUPijJ4MVN4Ly2Xh6pBo21RRNLIXbVdUW5dqt1GH62xdAY3cCddiQuLZwgJUlLTd8E&google_hm=eS1aVkhhRGlORTJwR1FsazN3VV9BLl9uTnp4bkRBTlhWZH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D5E4
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELJEbDYQh4l6YEyXgIKtEDY&google_cver=1&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRjcay7mI...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELJEbDYQh4l6YEyXgIKtEDY&google_cver=1&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRj...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tneLQvsgTpeeqoUIL9-47w&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tneLQvsgTpeeqoUIL9-47w&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRjcay7mIBO5g
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tneLQvsgTpeeqoUIL9-47w&google_push=AavPq0M9akYmqZKDkUHTNgUO4HFnPZJ7XmAZl7KLBeku6ZUOKcVvSirpP83HiF96_h_RLsnfobWYjIiCydKqTaRjcay7mIBO5g
access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:54 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame D5E4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEATWS3BY-r27nyY3hr9z0JQ&google_cver=1&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Ntymozg-zwzTh-yosBJLOk8zVB9GZDNgMWnSvD39Be6D09CywVfhnLnoGyLUNBcH_qpfMqD80tKle7EIjusaIvWnvTzHM
date
Mon, 26 Dec 2022 22:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D5E4
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIFi9lx3wy3w9HlcOPpl4lY&google_cver=1&google_push=AavPq0N4cTy9h2-CquhIvYOyywwbCmynbySreAVchsOQF18VZWm0IHqfiXsE7_cvetT9CKzN-rSJTDj93EmxWjmssi0TgPGKpw
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&mn_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N4cTy9h2-CquhIvYOyywwbCmy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&mn_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N4cTy9h2-CquhIvYOyywwbCmynbySreAVchsOQF18VZWm0IHqfiXsE7_cvetT9CKzN-rSJTDj93EmxWjmssi0TgPGKpw&gdpr=&gdpr_consent=
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:31:53 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&mn_hm=MzE1MDk1NTEzMTQ5MjM4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N4cTy9h2-CquhIvYOyywwbCmynbySreAVchsOQF18VZWm0IHqfiXsE7_cvetT9CKzN-rSJTDj93EmxWjmssi0TgPGKpw&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 26 Dec 2022 22:31:53 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D5E4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jeu5-PrYSV462n5ZCCNoJfSGrusYYDuL9rZkZupb8msn4H1YXDARer4isjIrsszzr-jDXe
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 2414 		0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1072672
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAOxTV1DUeKQdotnYPMbt0sRipk9wbIDWtCKVr%2BPGgrmVb4TZv7kIFcimxOkTrwhFwuvPpa5mo%2B6ZFOxbk2SvEwlgQ%2F2C%2Bs3rn2UYnf5CIX1fbahpMWP7zFu2XitG1tjkW3Jr6xdA20L81u%2FQUpOu87ljQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f09ef19a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjdeAhlagwgBneiB
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 089A 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=812826
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BFIvwcDKzLQysfLIRwN1eHiNI6RXeX1ru6%2FyMxDuXAGzjxeG8kfJmq7u8tE13iAjz4oAHq9dKYCEUdUlNUoDZ%2BzhodyPy%2F1E0enJ8L%2BtztCCn1LcAHieRYx6bH%2BaVEwsEt9ViOFvB3lxqeZCK7mcG5Jzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f0af0b9a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjd7vwm1TfAAE_QS
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 650D 		0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=111632
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzwjqtbKGujM8Ri9CekP4RXn4QSOeMoMikFRy3B0HclfOc1C%2FM%2BryQgCrWN5V6TrxcQKz%2BQD2UsEHokEP9ZN%2F5aRm5nh1tSqmqIiWVNuS%2B81xQam9nWqAffS7OBc4zpewPYn%2B0ini5i5spwXi0Gr1zBDUg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f0bf1e9a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjgyHaan3poBnejx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame C2EE 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=359712
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIR1F6EYlERZqdQT1KSFG2WeoWDoQ9839kUuNEj6YEgr0HB%2BLScYmriVeoIXgQfLasGNHmgPKGLKq2LjMMsiHIe4CzEtUYVtDs%2FYAwntxfKSGEQeJuQXN7NBkM4xNFdZb%2BRBqtlRVUGNgWsLZQ%2Bn2H%2Bykg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f0df399a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjkmWo_d_RYBqf9h
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame DC76 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.payvibe.com/
Origin
https://travel.payvibe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 00:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 00:11:08 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 276B 		0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=596723
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z2K81yUek7exWL2W3z8pA99sN7f0QPOJk3I6JW%2BP6gK9vIxvl61nTsblc5e%2FVLsTHWuc086Pdojcv4pPAh0%2FfWahrtT212fT0%2F2LHrZM81j3bSkg3kwIdc2Ud1b5OWWpUfDsMaL24tp4rgDdaN1t7wy1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd44f0ff719a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4jjo_rbZEDsEBqf_B
sid
mug.criteo.com/ Frame E7DC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=staradvertiser.com&sn=ChromeSyncframe&so=0&topUrl=www.staradvertiser.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=hLFQmXxLdFNYOS95TFovd0tXc3YzakVmVk9VdkxENkZ3NSs5NDhjYndpOGRKOW9UVXhjdUtaWVhwMC9nVk5UU00xKzdOa2piZXdLS2JoclVTMmtWaHovcU1yQUp5Y2YzcytVRHRqUG00UHVGRzl2OVVUWU9SbzIxdVBxVm...
465 B
692 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hLFQmXxLdFNYOS95TFovd0tXc3YzakVmVk9VdkxENkZ3NSs5NDhjYndpOGRKOW9UVXhjdUtaWVhwMC9nVk5UU00xKzdOa2piZXdLS2JoclVTMmtWaHovcU1yQUp5Y2YzcytVRHRqUG00UHVGRzl2OVVUWU9SbzIxdVBxVm5LdzE5aWtrcThITXAzMUhORWp4RXR5Vy9FQm13SzRJWTRiWnl1UUk3QWwyQXFGa0pFVE1SUXoxQkNSS1RBeGVNSVd2eGF2MzdCVGpteUlWNVZ4a0ptV0hCb0lYcGFnWFdwVDR3aEhLSVVuNVlwQ2lIakQrbkNMNDFnYnlJRk5vZm1RQW5BU3o5cVpmbXFVcENLbTBibEtDN2ZkWS9nL0V1bWFlR0J0Y3QxMlFXR2hHNEREND18&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6010d195c2be56ec6de147dea51d81bd60b28f22db9bf29ada3704c8b9cf89f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2584670
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=hLFQmXxLdFNYOS95TFovd0tXc3YzakVmVk9VdkxENkZ3NSs5NDhjYndpOGRKOW9UVXhjdUtaWVhwMC9nVk5UU00xKzdOa2piZXdLS2JoclVTMmtWaHovcU1yQUp5Y2YzcytVRHRqUG00UHVGRzl2OVVUWU9SbzIxdVBxVm5LdzE5aWtrcThITXAzMUhORWp4RXR5Vy9FQm13SzRJWTRiWnl1UUk3QWwyQXFGa0pFVE1SUXoxQkNSS1RBeGVNSVd2eGF2MzdCVGpteUlWNVZ4a0ptV0hCb0lYcGFnWFdwVDR3aEhLSVVuNVlwQ2lIakQrbkNMNDFnYnlJRk5vZm1RQW5BU3o5cVpmbXFVcENLbTBibEtDN2ZkWS9nL0V1bWFlR0J0Y3QxMlFXR2hHNEREND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
380544
content-length
0
expires
0
dpixel
cms.quantserve.com/ Frame 568A 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFnboSvJpdjEIsHM2Rn_Ilo&google_cver=1&google_push=AavPq0O7b3a0MfUKy4aYuwHuDT9O0loBuzfPJKrkGjINkqzPm61nIrRI-n_YKzCeg16Ua56U9_lB_r6GhXKmzGx94OTOoIPCvT2e
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 568A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBFif2H37WZzuKn0i9gfIKs&google_cver=1&google_push=AavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBFif2H37WZzuKn0i9gfIKs&google_cver=1&google_push=AavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78...
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBFif2H37WZzuKn0i9gfIKs&google_cver=1&google_push=AavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77fd44f3fd3469a3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
7591
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBFif2H37WZzuKn0i9gfIKs&google_cver=1&google_push=AavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N1CnGCdM8fAS2VMAHZGFHqHN79Ls7Q6YyhmJP64dSzRPBLmByZ5FrhJVc54KdXEI9fiRb8JC9ZTq73wTFIMjX0ppQUC78W%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77fd44f1297069a3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 568A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBjsDMpfQjanhpEEvYjYYlA&google_cver=1&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBjsDMpfQjanhpEEvYjYYlA&google_cver=1&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWB...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3f4f1166-d95b-447f-ad5b-aed4fcc62319&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-BAvMXl1P0w&google_hm=ll2HefCdS9yWV7lx_h3JDg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-BAvMXl1P0w&google_hm=ll2HefCdS9yWV7lx_h3JDg==
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Ma0Y7QP5SKu4iGq7Nrb5pyLsDP71ZfwFBkKYMhH47ZFa2yIF1VgzOivJaTYdkO8gvbCEk6wJVETU5WWBTCU77-BAvMXl1P0w&google_hm=ll2HefCdS9yWV7lx_h3JDg==
date
Mon, 26 Dec 2022 22:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 568A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGAMev9kCYErIRr_1Rx1Atc&google_cver=1&google_push=AavPq0Mq1ed_3-509wzHHRZ4dpAdPULTZuBq6QZMeseL5eGAxYTf10_20ZbZZsUSpp49XUob45Tc7J0X0FsfrOgK-8QUgGx...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mq1ed_3-509wzHHRZ4dpAdPULTZuBq6QZMeseL5eGAxYTf10_20ZbZZsUSpp49XUob45Tc7J0X0FsfrOgK-8QUgGxgLpNp&google_hm=eS1neDJkbnVsRTJwSHlYQ2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mq1ed_3-509wzHHRZ4dpAdPULTZuBq6QZMeseL5eGAxYTf10_20ZbZZsUSpp49XUob45Tc7J0X0FsfrOgK-8QUgGxgLpNp&google_hm=eS1neDJkbnVsRTJwSHlYQ25FWEVra2R3bHZVTDQxVFlGTX5B
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mq1ed_3-509wzHHRZ4dpAdPULTZuBq6QZMeseL5eGAxYTf10_20ZbZZsUSpp49XUob45Tc7J0X0FsfrOgK-8QUgGxgLpNp&google_hm=eS1neDJkbnVsRTJwSHlYQ25FWEVra2R3bHZVTDQxVFlGTX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 568A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NGRqtPPLAG75eTFrTsHRQft00R4el21GUjFB_7RMU0polLXCxMw8BLOpwVi8TCuT07V8DMGcTR3LQcCZhvaWoX_JqzVbhP
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NGRqtPPLAG75eTFrTsHRQft00R4el21GUjFB_7RMU0polLXCxMw8BLOpwVi8TCuT07V8DMGcTR3LQcCZhvaWoX_JqzVbhP
date
Mon, 26 Dec 2022 22:31:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 568A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDTD2kMs3ymvPuuRUEhGp7s&google_cver=1&google_push=AavPq0NU4w3KGdJIK__BvmkfwkFQfdQtzRb6DctQV8RpfhmR8r_pD358TDqzdG8R3e6L-O3TMmNHiRD2jkXp769Nu4psDFizqc...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0NU4w3KGdJIK__BvmkfwkFQfdQtzRb6DctQV8RpfhmR8r_pD358...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0NU4w3KGdJIK__BvmkfwkFQfdQtzRb6DctQV8RpfhmR8r_pD358TDqzdG8R3e6L-O3TMmNHiRD2jkXp769Nu4psDFizqc2LeQ
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0NU4w3KGdJIK__BvmkfwkFQfdQtzRb6DctQV8RpfhmR8r_pD358TDqzdG8R3e6L-O3TMmNHiRD2jkXp769Nu4psDFizqc2LeQ
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 568A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDzy-Y4iS...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDz...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=965d8779-f09d-4bdc-9657-b971fe1dc90e&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=965d8779-f09d-4bdc-9657-b971fe1dc90e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=965d8779-f09d-4bdc-9657-b971fe1dc90e&%%GOOGLE_PUSH_PAIR%%
date
Mon, 26 Dec 2022 22:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 568A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIxfASysxfuBg_tBBhW_sDIIXQkbK0WViyZ5GSdi6RBgFjnEdqvMoEhTExPR5CN0bw7uguZQ
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4FA6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGd_58VdnWdLs2QytZHFq_E&google_cver=1&google_push=AavPq0PWycTXJQI50JD0R9OvYZ6BypPGMtv5O0o2KqIp_PLVYQ7jz8QQQfzDYq6OvuuALNZODsv_r9fZZcvrJvkiPQlPs72AkkDn
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk5ODM4NzIyNTgyNTQ3NTAyNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0wYUzuLXqtwG5yB99PTmc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0wYUzuLXqtwG5yB99PTmc&google_cver=1
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0wYUzuLXqtwG5yB99PTmc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 4FA6 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIjAn8-vGyygiJC7BIZpsV4&google_cver=1&google_push=AavPq0PLIoI1k4UC-uCU3GCwnvh4XArHMynrIv3ZLDH4kb59su4fhUl0trahRJFOwyPtCn9cFklidkmCjZuYbaeksqHI91HNR-M
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4FA6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOO82RvPKO3onfHIj8zT5kM&google_cver=1&google_push=AavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOO82RvPKO3onfHIj8zT5kM&google_cver=1&google_push=AavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA...
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOO82RvPKO3onfHIj8zT5kM&google_cver=1&google_push=AavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77fd44f3fd3869a3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
6895
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOO82RvPKO3onfHIj8zT5kM&google_cver=1&google_push=AavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OsDw_zf-Giq9DA2xPeARTGfTSysaFD0vnnZiH2D8_qJZZKRe04lmwWxLGoFljyVSoalm2MNoL_SXPdVPvcp0_UNjixyHA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77fd44f1297269a3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4FA6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAK6Qz4yG2XSdxBldsR_yJw&google_cver=1&google_push=AavPq0OzGtxrQdEn6SABivratXpW35ip2IT1rMZa_gbWnnBMhnmGyXvq9hV-LQO7SBQTD1z7S9twar-IKI_KpIHe8HOQuoN...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OzGtxrQdEn6SABivratXpW35ip2IT1rMZa_gbWnnBMhnmGyXvq9hV-LQO7SBQTD1z7S9twar-IKI_KpIHe8HOQuoN7U5s&google_hm=eS1EY21BMEhaRTJwRU5Ibnl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OzGtxrQdEn6SABivratXpW35ip2IT1rMZa_gbWnnBMhnmGyXvq9hV-LQO7SBQTD1z7S9twar-IKI_KpIHe8HOQuoN7U5s&google_hm=eS1EY21BMEhaRTJwRU5IbnlLYVFGR1hzWWpVaWY3T0JHM35B
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Dec 2022 22:31:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OzGtxrQdEn6SABivratXpW35ip2IT1rMZa_gbWnnBMhnmGyXvq9hV-LQO7SBQTD1z7S9twar-IKI_KpIHe8HOQuoN7U5s&google_hm=eS1EY21BMEhaRTJwRU5IbnlLYVFGR1hzWWpVaWY3T0JHM35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4FA6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_hm=Y6og2dMbjP7YRJJHFJMmiQAABGAAAAAB&google_nid=index&google_push=AavPq0NreOGvf31dkQdKnjvX_QcgEy3z_Enso...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_hm=Y6og2dMbjP7YRJJHFJMmiQAABGAAAAAB&google_nid=index&google_push=AavPq0NreOGvf31dkQdKnjvX_QcgEy3z_EnsoSa-b-eRvz0AlICxdDBy0I5g16XVLKk9S4Olc7AmnTyYiNmDLQ4oSjWGzWe-4V6p
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h7XP6jFQCo6aZn4h%2FAHs7ayYLP8osWywN8IrIQqoiXXevWuNm37RFTpj9Rt2CpGZu6Mq5JC%2Fx%2FE2whLeYCY2YLfNBUeu%2FOafDPQJOzVrWHNNhL4af%2F063APbbsP3PEGhnO1Kiu74r%2Bcag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBuBK6Kkwug7TgWhFOsXu2s&google_hm=Y6og2dMbjP7YRJJHFJMmiQAABGAAAAAB&google_nid=index&google_push=AavPq0NreOGvf31dkQdKnjvX_QcgEy3z_EnsoSa-b-eRvz0AlICxdDBy0I5g16XVLKk9S4Olc7AmnTyYiNmDLQ4oSjWGzWe-4V6p
cache-control
no-cache
cf-ray
77fd44f34c629191-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 4FA6
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPXV_iOZVEDX-bIcvgevZ9s&google_cver=1&google_push=AavPq0OWWAtyTvaioEIbpBT2npJHsLWX874iXECneUQHTtqp4ZdykgtERhdl0RT74MePE5TCzPC12QvegXMXdqoS...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OWWAtyTvaioEIbpBT2npJHsLWX874iXECneUQHTtqp4ZdykgtERhdl0RT74MePE5TCzPC12QvegXMXdqoSZ_oEGDX09sgC
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OWWAtyTvaioEIbpBT2npJHsLWX874iXECneUQHTtqp4ZdykgtERhdl0RT74MePE5TCzPC12QvegXMXdqoSZ_oEGDX09sgC
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Dec 2022 22:31:53 GMT
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OWWAtyTvaioEIbpBT2npJHsLWX874iXECneUQHTtqp4ZdykgtERhdl0RT74MePE5TCzPC12QvegXMXdqoSZ_oEGDX09sgC
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
sUoxJF47fO0lVgvQjDUeIywV_5sPw8yKUqWxBd64QXrE4AIIY3S5iw==
pixel
cm.g.doubleclick.net/ Frame 4FA6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-09a896e0-5dc5-4eee-ad9f-dd4b5a1e0083-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0Mrf2gKjTSms2DjNDRVO...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu&google_hm=AwmoluBdxU7urZ_dS1oeAIM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu&google_hm=AwmoluBdxU7urZ_dS1oeAIM
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mrf2gKjTSms2DjNDRVOboWfQZ-3nnNtNbUU0ShptrBw1vvw2mG4y2VvZmiiZa0igdpwtkhjmQ3GizMvK11BRlCTdAfXCVu&google_hm=AwmoluBdxU7urZ_dS1oeAIM
date
Mon, 26 Dec 2022 22:31:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX09a896e05dc54eeead9fdd4b5a1e0083003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 4FA6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7ggbUl9TeQKxheZ5ofL-GweTLrRW4mOiSahv6-fxrm-MSAcH9M_Z7GCayd_QPO_3AuHQf
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
spa-detector.20221226-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20221226-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e8fd3240a20a8577e0f4a0ce36708c6be9e70797164bb1694d0622ba475a75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
RehS4AvAcOYEi3q5uAXNCtd.Wt20frAE
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:53 GMT
x-amz-request-id
5RXNA6JPSYJEWM9Y
age
31091
x-cache
HIT
x-amz-replication-status
PENDING
content-length
809
x-amz-id-2
CumoTfFQtlb2mTPCMfdW6VQ/qRurCyqRV5q98pJt8WITUg0zFSfMXD8Vebd+9DQhS8CQBPy4SgI=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Mon, 26 Dec 2022 13:51:47 GMT
server
AmazonS3
x-timer
S1672093914.854847,VS0,VE0
etag
"880b8f28ac876b9d7a39b63be7d8ddf7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=86400
accept-ranges
bytes
x-cache-hits
39237
supply-feature
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A31%3A53.828&id=381&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1672093913841%7D&tim=22%3A31%3A53.842&id=3443&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A31%3A53.844&id=1210&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=AM:AM:V&tvi2=4948&lti=deflated&ri=e56bdf9eb4dc7fc5099c4782bb9b8163&sd=v2_0bc2b9393a1c7c9f928e0c49a24b620d_1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657_1672093911_1672093911_CNawjgYQrK1FGN2QwYTVMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjvhs2V9cu1kixwAA&ui=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&pi=/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve&wi=8731165441885606960&pt=text&vi=1672093911133&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1672093913851%7D&tim=22%3A31%3A53.851&id=5702&llvl=2&cv=20221226-6-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
a37e3fbc-d319-406d-b234-80ba6d23465d
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/ Frame EC42 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/a37e3fbc-d319-406d-b234-80ba6d23465d
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame 1570 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85c111a71c9c318e5a9fe4ec6b04e4beb719139f3ecc3a9eca0b2dd172af2172

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1570 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwXHbP3hM-UTaB5QuokqCgQzBBYm6kMEdzfUoFvisgSG-Fqe8zFBVxQ0H-eFTR2uIPK8OoNlrZBCp3HpMo8Ynyo9puIB1Xvb6UPw_7tGVFufwc48gwoIRd7WmKij5KxPCKSgszwC6_Imxnd8t8yoclwaA3WKI_iBZr8USZ8agGwi6GwEhsGIFN2roptMlYOE0CkrBE18FebRL83gkGBAZ6DhIukMdK3OwujT7rJSf5IfDGqgN-cIRD-UY9lb1uUP6rLsARglrPrdCplbY1Lqq3dp8J8mgzxuSYGgPnKNrlA60TPRo2RwMwE_ZMITPAmUVEWwEFZCYIXTyI&sai=AMfl-YTfq0hK2BYlvKn71sndvtCDm2nggLcd_DJTAgS2szj3BC_V90zmC1ijPYotE2gBqRdAXXhOcSOTVe0pYR9ruqLmn3pBpBE_3w-oQlEKRX6COUzDNFZsQtbq5ehTwsay_g&sig=Cg0ArKJSzKhNotd5gbu_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:53 GMT
0d7cae8f-3550-4743-948b-d7b23d61fcbb
https://www.staradvertiser.com/ Frame 1570 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/0d7cae8f-3550-4743-948b-d7b23d61fcbb
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame 2414 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6d59a59fc70c79f04f1af1b984fb901403d95708a01a9adfd06381e5e7a0e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 089A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
205c300f338f696a4bd615e498621a27b3317a3e083fb4470ad5f3bbeb2b07e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 089A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstko0v_TtG2_0NsmJpoXkG-u5QalfYz6gsxqWECNbFVvyh0-M0HnXgn6AB09_vkHwT7ht25BPC1Jx1jJHfo7v9jAtHr_Y75ZJbNywPuTBuLMNJ7BfVSm_A2AKnTWXND4ubwpejDrI-iB3T7UbCVCyvHerTXzVtpZQvkaXUnVLarGR5BN_ahmu1ihuMtlIyr8fFcvkniRIGLB77xNAzBwbhsLy4nLDu8SeCiYXeEYd73BrbEynKC2BFdqUsIU4ih4jQYUoVT75VEhFqTyDKMsRcRLIqEGvfwC44kAZIwhYwsVEGaKoRQdwsiYltg6WZ6thOkgPPtIwwiVoGllg&sai=AMfl-YRbruxDUfYPqUPNpjAwB2cWoYTVIQaHfU9D2weULU1aGfWU6bqtoYGHDIanU4m4gWgqpLnXMcBB4X9uDr10ske9J-Sn3kMns302cIWwLR4Lz4tg3QY-erLvkwV8DK1zNQ&sig=Cg0ArKJSzFhVYyJia8bAEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:53 GMT
truncated
/ Frame 626B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8c15cdf043eac3b70dbdef88371f5f3733180ae9b01bf8cecb20a6749541d7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
6ba676ef-b7a6-4a56-8748-3d7e00b81571
https://www.staradvertiser.com/ Frame 626B 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/6ba676ef-b7a6-4a56-8748-3d7e00b81571
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
bb5a5655-673b-49e7-bff2-07889bae2662
https://www.staradvertiser.com/ Frame 2414 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/bb5a5655-673b-49e7-bff2-07889bae2662
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame 650D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bbff9fb9f1b02576b3f13f7fdf3c9f947328556a16522df88f7610ff1a39d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 650D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu80De6l9wXo3wPOaaAHu4U-0hnu1WwLMNHlRYbN-rwJwFeRXzBxBNPTr0GXDC6tg3A5vw3uTTiUsx46GHbZfXOm5dqZHbkJ_Yli59jmBZMqnqqJgUPku0DaUvqpj1f8jtoSlGuj9AwewWZbko9A_s85fCQlSylSWc9wo-QxSHVesfW7tCOa0aW82FgJCXp_TnWPtW_Bc8dy1eVUcb4Pr5F1msV_b_hZtmsELsub_BuN8OIKOpYyFEBszsAdVxBfUsmLI6quHhhDC_O4fUUBvLsjFaT0Xui-d1p5B3Vp8DILA21108sWR4VpvQCGuXy6SXEdT1ZjUhaQVGIWnK_MQ&sai=AMfl-YTTGhFOIymGVqaSDyghP8VXZDneMEsymzC0U4zXm4PmKMScqXL5KnwJtS1L1SE9YTiVA6XwLWqCTBZtdft5zZQ0hLm60QWJjMnPPZTSlXB-seobbBPmAQi7_iQmIEtPQg&sig=Cg0ArKJSzD1h4jUnkUH9EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:54 GMT
17e77443-8494-4cff-ae8f-406947852c0e
https://www.staradvertiser.com/ Frame 089A 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/17e77443-8494-4cff-ae8f-406947852c0e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
34978d45-2f18-4075-b142-611e86852ad2
https://www.staradvertiser.com/ Frame 650D 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/34978d45-2f18-4075-b142-611e86852ad2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
2424b899-f318-45bd-bb77-dc6b031e4ae7
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/ Frame C2EE 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/2424b899-f318-45bd-bb77-dc6b031e4ae7
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
properties
api.payvibe.com/v1/design/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/design/properties
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.107.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-107-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type,secretkey
Access-Control-Request-Method
POST
Origin
https://travel.payvibe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN,AUTHORIZATION,CONTENT-TYPE,SECRETKEY
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
no-cache, private
date
Mon, 26 Dec 2022 22:31:54 GMT
server
Apache
x-frame-options
sameorigin
hotdealshawaii
api.payvibe.com/v1/widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/widget/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.107.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-107-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type,secretkey
Access-Control-Request-Method
GET
Origin
https://travel.payvibe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN,AUTHORIZATION,CONTENT-TYPE,SECRETKEY
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, private
date
Mon, 26 Dec 2022 22:31:54 GMT
server
Apache
x-frame-options
sameorigin
properties
api.payvibe.com/v1/design/ Frame DC76 		790 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/design/properties
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/public/assets/app.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.107.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-107-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6934a4a5d8a7b71bb8c641bbf177884f4eca236d1420a095bf84fac479f95ba9
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Access-Control-Allow-Origin
*
secretkey
Referer
https://travel.payvibe.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
server
Apache
x-frame-options
sameorigin
vary
Authorization,Origin
content-type
application/json
x-ratelimit-remaining
1959
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
2000
content-length
790
hotdealshawaii
api.payvibe.com/v1/widget/ Frame DC76 		7 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/widget/hotdealshawaii
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/public/assets/app.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.107.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-107-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d7aa97a4e9822fa279df9f9b8fe7f35f1c98abc955214e6a17d08945c69ffda1
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Access-Control-Allow-Origin
*
secretkey
Referer
https://travel.payvibe.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
server
Apache
x-frame-options
sameorigin
vary
Authorization,Origin
content-type
application/json
x-ratelimit-remaining
1971
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
2000
content-length
6949
0261d544-394f-4b99-99be-302bb5060264
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/ Frame 276B 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/0261d544-394f-4b99-99be-302bb5060264
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame EC42 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1140de93c03b2ab03d401f554748a904c640cabc839093fb36d2366d4d9fd761

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 2414 		219 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0349010b37babceba329d08b05e6a58da4e22f1ff092ddfbadcc0d3549e0d79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
RyaPrzLQ4oFlmsVcThdHQoLFDXhMlOpv
content-encoding
br
via
1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:31:29 GMT
last-modified
Wed, 21 Dec 2022 22:16:16 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
26
etag
W/"fc41695d4bab0465a1cc5b1a35cc96fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
NslfQ_pqcS_UdcOLZL_T93yahUtTRtH3F-AzR_SD77Pr-mW517qhng==
index.html
auth.instiengage.com/auth/ Frame F95D 		75 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
125
cache-control
max-age=300
content-length
75
content-type
text/html
date
Mon, 26 Dec 2022 22:29:49 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Thu, 15 Dec 2022 19:04:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
x-amz-cf-id
1kRYvzCBjw3RPf3qqmkT7BQ07eYAwt7EEsty_-DoDwgg_sgBmxjL7Q==
x-amz-cf-pop
VIE50-C1
x-amz-version-id
0B8BOtRm3TjXkbLwwelDKjJGGmWGWjpp
x-cache
Hit from cloudfront
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5978 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28990410
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzjD0ddZJUTVoet2vKcR99vI8kLSzmvEXFmj0Gf2xRRbcCc04YY9zOvHILdK56X0PUR5h0UM2x0GIBwCPqLQmTe5b7OkoHOmCXG%2FLbbF2tM04iZXSvwl4s9FJExSmG0bs3JcGQB8XCcEDilphLrY5fg7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77fd44f43c0f9244-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
truncated
/ Frame C2EE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63dc4843cd3af1cd69c36cdfe54ccfb710385410f21c0523786b7d93c59b749c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 276B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b9f1403a1ded764d476779e99e24e54f3bf38648223ff42f42cb505857b0de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0B23 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28998196
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi0I7E0HXupAWe4yR%2B%2BsKxTyDraN4FyRh8KgEsK6YpAHKucoqXNMak88oESMSecgSxZSNbeVbvaAElbm%2BU6HCbd3bCSw%2Fo1spb0AynAdyEOkCDsSmA8zDSHfkcnRlDGEwxMvxd7bTrtrymQaMPrYpHuw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77fd44f46d93694f-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FFA1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28998196
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFTMnrRUwq3JT%2BSie4Zn54bUhOor%2BVR9vnmWzKECWEj%2BB5PvtqHfPeStpP5%2BuymYGLrSRut%2BbW0u73HdhdipDHUkyqJHjLM0eiAmg5VEV6ppDXZQm8GG6mG49zLrABlkerrfpLB6w30mS4ngASxrpC61"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77fd44f46d90694f-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
st
imprammp.taboola.com/ Frame 4D62 		742 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&cmcv=&pix=undefined&cb=1672093914316&uv=3246&tms=1672093914316&abt=esv_vC!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ea88c32d-11f8-416c-b9fa-9d8f2fb09caa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 26 Dec 2022 22:31:54 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230023-FRA
x-timer
S1672093914.319878,VS0,VE11
sync
am-match.taboola.com/ Frame 209B 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 26 Dec 2022 22:31:54 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&cmcv=&pix=31589837&cb=1672093914315&uv=3246&tms=1672093914315&abt=esv_vC!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1672093908666.9!ts:1672093914315&mntl=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-length
0
server
nginx
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Mon, 26 Dec 2022 22:31:54 GMT
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Mon, 26 Dec 2022 22:31:54 GMT
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Mon, 26 Dec 2022 22:31:54 GMT
vary
Origin
authIframe.js
auth.instiengage.com/auth/ Frame F95D 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5t0c70ij2yH4_3abcxf5deINM.AIH7.i
content-encoding
br
via
1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:29:47 GMT
last-modified
Thu, 15 Dec 2022 19:04:33 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
128
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
nqv8lt4iiUg6nCHzkEGIOAqD_DHZzLiSlwo2BmUn3DVEzCBlkJisOw==
view
securepubads.g.doubleclick.net/pcs/ Frame 626B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTpspSOgvFeU-A1AE2u5G9J8MDiKX7lus1kRdTU58m_T27QCRVz1r25Wus8l3qlA_gx2jp8ehDKfmNYHKDY581-dNyiJJjR-F3Y6c6Mi4A3Ix-e4YLrxc85UbjqnblxvgbViM_3L5vUM-E4F4zBy5y5I1DZJG7vXfHXALoYWCKVa_9aySfPG1tsggER1yl2QVGLYXjgQBlcnGLLfVS0uRADQ2SvSGlyWzGVMrzWaY96dz57eWjeHKvxzvP3-1Zl0b451aPizGdAV475TMuySuBmIqRoH3rIy8uL5wJ1HofmB4J0NpwlrlWUMvWDGPYsddqXo9CvaRBPvNDVWfQSQ&sai=AMfl-YQ-io40nSGIdP3l7FtGb2agyYAKeK1TRSxR2Oc6IEiQsdJcveZzlgX3dQfDFEJnZaUI1YA7RXbESNbVfRGgW-9YFWkZN2aVr0yH2Y22l6oqtzWnJRVVKr7kv71KfMx5yw&sig=Cg0ArKJSzBIk_mQRunVdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:54 GMT
bulk
trc.taboola.com/oahu-staradvertiser/log/3/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/oahu-staradvertiser/log/3/bulk?tvi2=4948&route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230023-FRA
server
nginx
x-timer
S1672093914.364113,VS0,VE12
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.staradvertiser.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
frame.html
ad4m.at/ Frame 4DC8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2600800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77fd44f4c948912e-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh87aKCVL4zEtgITyRNOpHYp2Ub%2Fi1eDdy9blR4SzoXjzYTPgDhdcp%2BiLd9uvUWoraJfn%2FiU4bvLBpDxmgBh3x39LvdrsIkfB0ySsy3xIuKhPCjIBPGUG2IrcpH3bWa3cIkOOwc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjgxQTk2NjItMTM2RC00MkY5LUJCRjUtOEVGNTk4NUJBNTEw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFP_xreNn25GkSCtlyvPDSY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 26 Dec 2022 22:31:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
frame.html
ad4m.at/ Frame FEFD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2600800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77fd44f509b5912e-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8GOwsKqPMolAgrvoiB6G%2FMxqnM3vN1dsLvz2ezJ0VXyrzQHc3OHAvdsYd3YpxyHWvf2XGOhELbACGWcF8pOpbCshh54CcKFPn2Q2RU6Pllc8IGuTuPQ%2FHeRRzjDHncychXNO9k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame BF51 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2600800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77fd44f509ba912e-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n8qKQIQ1IKZf8EkizE1AYn%2B1f6Pj%2Fo06fGpXhocdCawKmzam27cUvC%2BUG807RtacOp1kM3t3h%2FCtMV6S1vbkJoIxEszNn2mVlJ4LoW%2FJYKXGvPQX6UGTD2w7d26%2F5DzeXvlMDE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
config.js
cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/ 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a92e32553ec0b6d763fbe2c1d98d281cdb09e3a80e1e36ebd81117dbd39458f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Dec 2022 22:28:34 GMT
server
cloudflare
x-amz-request-id
3YE71Q03MYG6MK80
age
46
etag
W/"21bb0ce4874f69f94df99383e974db90"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77fd44f5081ebb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
HsfJfcmIx0Uz2PtehhcuN7X/GPS1uQYCKG7xdKYPhM/udgC2nF5uUbcjRSCtZW+h+yH+i86VupoL/7Q/EtSyyQ==
vjf6xlw9ustjg7nlla3a.mp4
cdn.taboola.com/libtrc/static/video/v1657201303/ 		794 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1657201303/vjf6xlw9ustjg7nlla3a.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
6vV0Z2kcr9IqWfGTxGFYQOEFb8nA1vAp
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-amz-request-id
3EX9X0BZ41Z3RZ44
age
118
x-cache
HIT
Content-Range
bytes 0-917260/917261
x-amz-replication-status
COMPLETED
Content-Length
917261
x-amz-id-2
l5doLRKjxkw5Y26cv1OU8XMN94c3sdfrm6A6tviObeNy196Xw5b9djNgekRoQlsBEk4NcWy37zM=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 07 Jul 2022 13:41:50 GMT
server
AmazonS3
x-timer
S1672093914.419885,VS0,VE1
etag
"72cebb60fabc4dbf2e155454b078a940"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
ibe6wcawtax2helellpx.mp4
cdn.taboola.com/libtrc/static/video/v1671107679/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1671107679/ibe6wcawtax2helellpx.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ePxAXOVAMlcplIPm8r9BkN5tUZL0sVcz
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-amz-request-id
5RW6529DKD2TY36A
age
65
x-cache
HIT
Content-Range
bytes 0-1095106/1095107
x-amz-replication-status
COMPLETED
Content-Length
1095107
x-amz-id-2
I9aTwpdERfIipQ6hCkyVyFJw1l02dlvspZap8p0cvDEUkLUSnX7+GPIvW0vX1E5eCemAN2VGb2s=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Thu, 15 Dec 2022 12:34:45 GMT
server
AmazonS3
x-timer
S1672093914.424127,VS0,VE1
etag
"027a1e3bb4feb34832dfcd5f1c536a7c"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
b5vabxhqezog1arnt7m2.mp4
cdn.taboola.com/libtrc/static/video/v1666339887/ 		866 KB
867 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1666339887/b5vabxhqezog1arnt7m2.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
5M7lg4hT5Uad0mDq7OgxKTYCwbmsYE9q
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-amz-request-id
ZDJSVA1C8GEKY51D
age
79
x-cache
HIT
Content-Range
bytes 0-886582/886583
x-amz-replication-status
COMPLETED
Content-Length
886583
x-amz-id-2
bCHRROjHQ8KqfdNY9+rKxBUvyIQJAfVv1VnM8uRpXRizC8+UJgrOsUAz3a4PVQElov4ZFTc62rTepkQ3p5hdqA==
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 21 Oct 2022 08:11:39 GMT
server
AmazonS3
x-timer
S1672093914.424319,VS0,VE1
etag
"1b5ebbbf450bb3defa14aad23cc92811"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sgkvo1esy2cwnzjt0t5f.mp4
cdn.taboola.com/libtrc/static/video/v1665745830/ 		750 KB
751 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1665745830/sgkvo1esy2cwnzjt0t5f.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c6a9ccc522188d4745ca6d4ff809131467bcad0e3c925085b71960e9771ac45

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
VYgQChJXkXnd6pcfFD5w6j04XmEFKZzq
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-amz-request-id
SC77EY61QC7Y5EC1
age
2
x-cache
HIT
Content-Range
bytes 0-768361/768362
x-amz-replication-status
COMPLETED
Content-Length
768362
x-amz-id-2
lVkaJ4U/3DsB5/jd/Y40JjKRlDnHbuyL6/V+qFvZnRmmp7VFEUc0Mgb6jV9E9QtQHnYJgKlYi6Q=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Fri, 14 Oct 2022 11:10:40 GMT
server
AmazonS3
x-timer
S1672093914.424443,VS0,VE1
etag
"c84efd6e185e0397c0d3a079e5f0dc6f"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sbfcvda1gqwcij41gdnv.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/ 		303 KB
303 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/sbfcvda1gqwcij41gdnv.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03

Request headers

Referer
https://www.staradvertiser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
NHwYfLNYVEAbRmtYbe2mDdvej_0WkCnZ
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-amz-request-id
DB4CPE1SKFMMFFDC
age
51
x-cache
HIT
Content-Range
bytes 0-310206/310207
x-amz-replication-status
COMPLETED
Content-Length
310207
x-amz-id-2
1+5b8A5cJkTqeExu2ZwtUfvGpEOd+/Y/eNtDey2XC37XBpoRkwD0BP2TTMX/OrB4FMK6EECCpQc=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Wed, 15 Jun 2022 10:44:31 GMT
server
AmazonS3
x-timer
S1672093914.424568,VS0,VE1
etag
"c54599e9c7c442de75cbb6db4644fb1e"
content-type
video/mp4;codecs=avc1
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
sync
taboola-supply-partners.tremorhub.com/ Frame 4D62 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&cmcv=&pix=undefined&cb=1672093914316&uv=3246&tms=1672093914316&abt=esv_vC!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ea88c32d-11f8-416c-b9fa-9d8f2fb09caa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:8aa9:ea43:9402:2506 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 26 Dec 2022 22:31:54 GMT
server
Apache-Coyote/1.1
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 4D62 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&cmcv=&pix=undefined&cb=1672093914316&uv=3246&tms=1672093914316&abt=esv_vC!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ea88c32d-11f8-416c-b9fa-9d8f2fb09caa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4D62
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&cmcv=&pix=undefined&cb=1672093914316&uv=3246&tms=1672093914316&abt=esv_vC!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ea88c32d-11f8-416c-b9fa-9d8f2fb09caa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20077

Redirect headers

Date
Mon, 26 Dec 2022 22:31:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
46
Connection
keep-alive
Content-Length
0
sync
taboola-supply-partners.tremorhub.com/ Frame 209B 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:8aa9:ea43:9402:2506 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 26 Dec 2022 22:31:54 GMT
server
Apache-Coyote/1.1
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 209B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 209B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7kR8CFgNvKRxQw7KuiQRvKRxQw7KuiQUAAAAGBvQHJOUwDjeeycitWMyMa9FitnFLnDOHWzkyziwzi2G5cTiMQFIO43DjmYzcisXMuBYtZhu3xDlzuJUj48wysxiWG4fDCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8b6tB0Onyue73u97trTg_Lw2R7WU5Pz8ty1_jdfslgMtkrJnvJai-xvBxep93nlrt8n7_a6bM87KbPW2T5Gw4vk1vucljessNb6LBcnp630O92ufV2t8zy9DlNbo3R8vSc3g7PW2V7-eUAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxcFwrrv1ZTc6XJ-X3R8AAAAAIAAAAAAkAAP7jSUAF6-JJ___________MQP0mTcy_____zcGPQAPPgAPQgAAAB9DdygvTK2_a1ZEBX9FjAAAAABkRaMXjyZ1QmVR9f__328FcAUAEFAIBYmUnaU7KPEWBgAAUDC2QA-L32922DV-t8v-_________83-z_7RhIjMzNKCWAAA1H4BAQDWfgEBANjUDQDgTQAu6AhaMRisTiEWs8FyM1kOlrMDAAAAuPv____XA4GJxzJxbpabhWPj2zhnzslwZdiYlgvLaGKbDEbe4wVp3blzci7uCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwHOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIExPbbLdajtzKiWnhFm1ctrVw5jCtZSaPZbgyeVzOmcUten1MD4dnYVvttigYoLYXydMinegmi8Fy4dssJ77ZbjhbGWcu52AxnBh2q5lhY3FNxBLNySKdyC77wsRjmTg3y83CsfFtnDPnZLgybEzLhWU0sU0GI39jYpvtVsuRWzkxLdyijcu2Fs4cprXM5LEMVyaPyzmzuEWvj-nh8Cxsq92-MdtNBsvNcrHYN2a7yWC5WS4W-w6d4bv6nI3KlzHj0SmL3rNUa3MYFC6DxfuTmBbT7uzg-f2OTpv6pSzqjMLL9-g1KDwHj2o7ei6z5sb12DqNvweDIpYILtKJ3mF0vTWnh-Vhsr0sp6fnZbmIJUrTRTrRSwaTyV4x2UtWe4nl5fA67T633OX7_NVOn-VhN33eIsvfcHiZ3HKXw_KWHd5Ch-Xy9LyFfrfLrbe7ZZanz2lya4yWp-f0dnjeKtvLIpYIThfpRPQyni7qPz7EbjhXzCZzyWA5V2yWqwQAAAAAAAAAsIQ58yYAAAAAp4HMFoPBap0HsVpNJrPVcgEirFh1gUEAAAAAAAB281aoal2FKWCKGz-eeIfR9dacHpaHyfaynJ6el-XKABFWqsybPxPEWq2WNQAAgAA2AABAALdu3gLCrPj_____OAAAABk5egAAAPp9oCgQAAAAAAB-glwsVgM!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20077

Redirect headers

Date
Mon, 26 Dec 2022 22:31:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=199cd425-856d-11ed-81cb-1ee5b9e10306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
26
Connection
keep-alive
Content-Length
0
d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 2414 		343 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6c00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6fe20fcfdeb7726174fea4ce33c8e564964342ad5a16aea491725781eb98fd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
RB1fEkGJMRrijWwGACdJI8N3x3PYcIhK
content-encoding
br
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
date
Sun, 25 Dec 2022 23:53:46 GMT
last-modified
Wed, 21 Dec 2022 22:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
81489
etag
W/"697001459900d054992c480403c47ec4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
firyBh9EZyBFEsnvKT7lDalB1vB97t9GhTe23nKnLGJg6v3Zua5XHw==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 2414 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 02:17:36 GMT
content-encoding
gzip
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
72859
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
DXZxPFGEorzzqHprdhqHGh28UQ6SS6EjmXAE9V4hvuDPJKnlJlvwxw==
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 2414 		127 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1870bed6fa3e0be6fe2ebfa6b43c0ea8645aa57af0ab31bc2a50dd2ebaa838ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Dec 2022 22:00:24 GMT
server
cloudflare
x-amz-request-id
F4HE3T2XN6WAEXXS
age
371
etag
W/"2efdd070378b508f8573efc3032bec7b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77fd44f5a92dbb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MNtoXpScvBAUdzyEh3DSElo/B7qUM3DtQtRZU7ptBlqRNoqgB3J3aDm/6zcHz0meSa8rgMQ0KkA=
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
5D8WAN8G73GBZH45
age
447905
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77fd44f629eabb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
go5Qfjv3RzTg49IVkJ9mGyUrz31FeO9RxHJ2RQW0ZBjHDNInM0sWq5zm8+ZpzU3/xjlyKPDnHcY=
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1433 / 537 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Dec 2022 22:31:54 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221226-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 26 Dec 2022 22:31:54 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
152
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1672093915.588822,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
65
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
575
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Mon, 26 Dec 2022 22:31:54 GMT
vary
Origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2414 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1433 / 197 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Dec 2022 22:31:54 GMT
event
event.insticator.com/v1/ Frame 2414 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/d54ff8c4-cdc9-4e82-9572-a432b1be6c61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
rs
ad4m.at/ Frame 5978 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7bcec112f1759ebe8a79684a9458d4f37c916328e8092a0ba9d6bd4852e217b

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X6fxr32C9cv4pZgO0l5vGejexOzoaUNdBTyqImjqnZE581Eu1aPJ0EZYaMaNqwwo%2FhbqcopekR5iEwYYzIEFjvDzk2XGTjffqms1lmS%2FsrEi8%2BW10kQEszrt%2FipPvkC5WViZWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77fd44f6de09911f-FRA
x-backend-server
aa-reachservice-group-europe-west1-3b3l
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame FFA1 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa7360b0494989e110c84a6ffd4e23348c710942098b5c84003459e474d2657

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjPQxtWDINYt%2BU345NyrLzP8ptCEK7%2Bq%2BXl2nNIX2exXa2FirZKBfz7hT4B7Ub8S9q3OfBUYScJ4MBbh8%2F5GUMfe3GeEYvnF5raYmEWcJTUCtnu6zZau9tRrhU%2Fia2GZeNx8u94%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77fd44f6de0c911f-FRA
x-backend-server
aa-reachservice-group-europe-west1-3b3l
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 0B23 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07673b42b2fb5e1cf98be1316270ab5390333a893d0735542887ccf48fbb19b5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivIDa4ypSwdg64frWM5qPPJeRpHz6WYfPSa9d2zmlcdCUKl5alyK8tJb00bs6hDr7OGqtqqOieXt5xSih1iLw3cujdNIlSArl7VubaJWyRBJLGlFdFmClCKSn7SqfqaVjvHKXZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77fd44f6de05911f-FRA
x-backend-server
aa-reachservice-group-europe-west1-3b3l
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77fd44f6adb5911f-FRA
content-length
24
content-type
text/plain
date
Mon, 26 Dec 2022 22:31:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q45NXYypgWoZqkEUb2Yg3p6Tij62I%2BsSeGCq4sOHvF7%2BS2%2BXxXCICCwqvjGAKwf9kajfkGpVf7KbJ6GYuwfsf0CRNF5Y40V%2BdrFm7k4L16N%2BCMmBunMHq8eHEZS7RMCKQULM69M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77fd44f6adb4911f-FRA
content-length
24
content-type
text/plain
date
Mon, 26 Dec 2022 22:31:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh27Ghky4Rjuh74AE8Y92XzsB3nS%2FJlxWpAeyrIDyf5o5jmW4GTK2v%2BLIFz3gmaK5CgczEwY2Vt1LUVfZ6BCVNUPWv9HuJEbIvia%2BF8pD6zTo1qzYs2tLDR3cDTSHg8lWcX724s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77fd44f6adb8911f-FRA
content-length
24
content-type
text/plain
date
Mon, 26 Dec 2022 22:31:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBetBl6fWznylXBzrWZsqUm%2FaMMlp2%2B39MxpJwJQgjVKra38CQCPU72WcT02ixPzGm8rSQBAvVhn1aoevwEESZ4jehV1gN7GjG76LvRbquT68ymoPtWuG3fWc5GRjnbGdykJLFQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ Frame 2414 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
5D8WAN8G73GBZH45
age
447905
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77fd44f69aa5bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
go5Qfjv3RzTg49IVkJ9mGyUrz31FeO9RxHJ2RQW0ZBjHDNInM0sWq5zm8+ZpzU3/xjlyKPDnHcY=
/
pips.taboola.com/ 		64 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
24d0cad439634e0e922d4a4c617815fcfb15d52e1d3255b2edd2c2458c60a10f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230040-FRA
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 2414 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Dec 2023 21:12:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 2414 		554 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d628b27ccfd384db645a68130bf7e4ca23383a73e6c309e1ed1b5298134d818e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:54 GMT
diberp-tcx-v7.13.0.js
americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 22:55:15 GMT
content-encoding
gzip
age
2417799
x-guploader-uploadid
ADPycdtE5F3qemAxwdD5W44ynHkhUqa5s7O6uBBuRtqylR_NGByteR1jBDRCP2Tu-Xvx-lCb2YHB4Web_d8qsxiux1UGf5C7efij
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Tue, 28 Nov 2023 22:55:15 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657&uad=427c74745e2aa0383c0c2da0efe7b840af61be18b35224d36d860914e3b2618b&mbl=ZmFsc2U=
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:55 GMT
cache-control
no-store
server
nginx
rar
as.ad4m.at/ad/ Frame 3BCF 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7229b6f1498341333603d9d68d93cbb3bc4635cb26eaa8844e859dd08ac0910e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kxshhgwhj8kn4xn630nn7j1cwwctf8tem3f2ykqgz6nk4ygjhagb8vtq8j4t9kpm99tn712w9gw6ygfs5112bytdmr598tvmb4p9n4ve33w5k6q99pvqgkek895hy1gkn3rhab6vmfvcq6qwjjfcy0aas1vqtjdxjckvmnjc49dr7scegxvjsdk1mtsmpnyf6taj93c5v0gssn2ktpp6bdb5pf5gpzzxjrf5a21ewr82zs3q86p4ctz7xnxtxrwhz2rhpg220ejptpf85k0mzbha86ejramcmckem9xkwwds3q7635e62myf3hyxxj8wxwxyh4fx75hkgfbdabajc21rh7n8hdyx6qfr1r9q0mje5qc2pjqnsn5prg3bnkqwycs0n7q4n8dbq0p15nb6mdqtcvtnqq3tds9r7qvdhrghx58xjpc8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77fd44f71d01912e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 5678 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6680ef106d411f8b3257f1377f26831539130757c246cd29d792ef5e2778e234
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gg8b1yqqy0v1f6b3fhg9sg0yxxyne5cvep6q2zq7v6s6btdm7fc4z9stxbap1e82sc3njsk8r3t6ytkgv5m63e2yytd1pv7gs4wj5j4b5r4rbgvnm1n7jmmkxs0xcbe44xx5976wmewxc0xf141atc6vp6xwh1d8rgnt4xqsqvydr14dqbryn482at046z9cncs5ctw141ss69ya7910j7rrm9xp92mbve5qn5b3p92p6y1hrpeevkcgxcr7xdn6z3tp6rgyy6hm7xffnamt7g9kcj0t7f2wk3ndq44rn79wkcdxrgcgx9fm3nky5pne6j128n6tcgkw315bm5nds3s0xeq9h5apqtqfgqhh4nwb0yxqyf9jnncsx9jmv6tmzjqwbbr32y3b7g7dqg7sqtwdpz92217c6cq1krnypx7gdfkz7y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77fd44f72d07912e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 0191 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9917d6c339d41e0a96c50e0e90a233d85ccb04329c5a5638cdb0921dbdc1d511
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gfp0av1xg3tn0c7z952162zeffzcznqzsx46kvjtd3h93ggsy7h7452w6c487nm92341d7cb91q7fzdsbwpvhj3dx3jnmfk0284mjczbs8g384cmh7axkz716fvj0f7pb6mh7acmsrmta5xwegqqmdd2zjay1mf4cfzbm2crhvpkqx5bawk7qeay3amvb898d3j48vk0gbzneqhcrp64g35s35rtb694gc6zn71d9a78xhefasscv1erns6jtk9d5rbat6rr6jsvqh0m2f2ffxe3jrax962ks10751nsdjrz0vmkmndw30718hhrmyf0tn32f568m0cmx55enag4qr21avj2wbj13pw7gtdtbgv4s40n0t0h6rt0xg5f9sj8a10kj9kdymyfwgz09a4jh90ye3bca1436fkqdv9hctw3pc2j6mf4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77fd44f72d13912e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 2414 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcRB79HvZ-Xy6yY6aj9tmjM_5VuAoc-KEBnLpozOdYPXwVpQ6P56VMvPtcCF7blBKMUabqwE_N1kfii9D_xiISZSaT2gjBGKf5NKuNGBFMR5xfX9ydWRC20tn8YVQQAPPJMHj6TxZnvojsnswlLVOeHw8RrMy94KeBTr592yo0wJgzolYlinAQWytw-JZV8mrfW2dtGDAupCOyOgJCwOTwb_4Sn_vPBzyz5Qu-2Jnx1xU5v4CJ-skW8aa9F-AUY33qiJees-T8DYL379LDxFcZXZOc8Y4Ufb0bfO14zcWtvTXP_yPaI3KKaOnF2C7iE_RBG1GBxlFea0-URCKEYA&sai=AMfl-YRtvllnHt_O4rAxWuu4GCJefk61b9Zxc4UF25eA_YdS6g8SwVHtu5MDCLHqPR90ISDSYCBaaNiq9VzTp_pWTJUBJZsEDEctd2CPgb7ofSX4bIqlIbk7Aa5DmMoEUShwzg&sig=Cg0ArKJSzLvvWdb4q3jHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Dec 2022 22:31:54 GMT
integrator.js
adservice.google.de/adsid/ Frame 2414 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2414 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2414 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1887403806901820&correlator=1189023896865375&eid=31070873&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2933112504&sfv=1-0-40&prev_scp=h%3D22%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D1%26he%3D0&sc=1&cookie=ID%3Df331695c6dc12b2c%3AT%3D1672093911%3AS%3DALNI_Ma5hPQ3nVcqHDgnu9hrZKfj0rOxag&gpic=UID%3D00000b99026d4273%3AT%3D1672093911%3ART%3D1672093911%3AS%3DALNI_Mab9hpat4azlL26VvvV-EP84Z-jLw&abxe=1&dt=1672093914775&lmt=1672093914&dlt=1672093913018&idt=1734&adxs=1024&adys=354&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=522cb95o1m6l&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1495739541.1672093911&ga_sid=1672093915&ga_hid=936532834&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi3pcGE1TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBillcGE1TBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YpZXBhNUwSABSAghkEhQKBW9wZW54GKiiwYTVMEgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2469be863509cd32822aa7f86b85923dc642cc20f7df9d3d693048ec60528844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12058
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2414 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f545d203ac625aeac707319e6d65afe9206739df8879c6906c5e256687da4250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11092
x-xss-protection
0
container.html
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FADD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
Tue, 26 Dec 2023 22:31:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 5678 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
1158280
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7SLkzKzp4rwqWWEBz7ekv4eef%2Fa7LkSJvt5nJWaT%2BoKVwmdGW7SbCnVdDopeNMqPaksXcGDPd8WPe%2FVj9jAb3GIbLHCb8kKxUnCpHedYeBY5A%2FNqEBHziQtG%2Fp2tNCdksmjAXmHW0Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77fd44f76d7e912e-FRA
expires
Mon, 26 Dec 2022 23:31:54 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 5678 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96280
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlnlC%2B34uU6%2FzJIQ9WIh6HSlAUMlKK5%2BqmhIFFIdJLtuiNGtoB17ilzCPrt02mSLeiP9MBUBRFdVTRGg79CCEWgOTPkoBSjJuz1zLB3IuKXUNG8Zhp8vLLgbpJJTv74wwwvucBU08Dqehq5m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7895d9bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 5678 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
799054
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Fp%2Bs4HAaSXyJfxRFlBtxSkk8HyWpXo8hzkWfaZdZ5DbY83GjdUQVe%2Fv9KdgEa1jwpwpSE2y7zvZ0rubFgQzXOyH%2FsmEzXSkL2S5lES2JBlk3Nwkf7EDClA0e7nr%2FKWATX7taQPXJBA4K7Su"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f799759bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
/
partner.o2online.de/a/ Frame 5678
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIfVzp6rmPwCFQDvEQgd-J0Jxw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 5678 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88198
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFhVUQId7yFRDuvO5AXa3CTlwWNhBP3iFONWG0wzGzP6aeNDEynJn48UmWWXxGSuyQKz3IpEwqj%2Bk%2BNO%2BezoTEyPJLLgtHdXrmqlPfRFHCWZ5nwcsaCwYHGQgTWfdJJfgMeThlDtod%2BkCvOm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7997e9bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 5678 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
799051
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KAU1OABHljBGgnTJgNvpNAk3a5RpTz6noywF2uT6rci6KBWdrTz1wGdjP4rAtevPScAMYMTVP0eyGFpbziMUVzycyegPCcfPwhVHaH6hoanj0QQd7aNkQy10MxAbi6rfc5abBitofVwFSdt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f799819bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
/
partner.blau.de/a/ Frame 5678
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CM_Szp6rmPwCFWyW_QcdPUkJWg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612697X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612697X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612697X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 5678 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535106
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeaAwYlhUhaV8UadwpW5ihMCx4gsQCKod5HgXCJEZIkD5wqMQIPiSlqFI50uiwcf%2FFYCrLut41sqmXn3wxnjTT%2Fm%2FFrLFX355Uoz%2FNGx5tQJMMnpnihoOp6Sp46jQIFsaSla%2FEe6C5fISDSc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f799829bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 5678 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2050472
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ9U9iSZgwSdMcOeZ5bLJQ9aULlX68aWVAC4bLcEtu00vyK1l%2BGP4jewiOZHtRqp0d7z3J3tGIOuXhq0oNVMhlGGg%2BJ%2BVqgp18UlVLFMipNFcPULv3Sx8ZPTQaP9G%2BHhvQN3cFTXitVe8p8P"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f799839bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
ztpv.php
www.conrad.de/ Frame 5678
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19c9f9f0-856d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
0
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19c9f9f0-856d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=911605e9254f7c7edcd2a440d020a5a9%2F13030451217351876153&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914713&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jez8kwkrxd8fqe1kf6chjpa66ney4vtm9bkh1xkmx6jshk04webet7mh4rp99shcj4b55b2xvdq6x9tyev9pkbqe4tqqjptn961996bh9h33v7d52prmpw0w4zfgqdtvx5b4h2agaeprddjm93w1t20zcqw3mrjt1wsr28t7h61ghd2stnq3e4mnafex1rvg7t32wk21ppw8n3kk91sqx400f74qxgf1w6j1gk8hn705p7s1c6wg2qzja0at5v02bqevw1azaevc78fhgb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh4Jb1yCqY6GSHtShlQfcrYywDJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgSAA0_Qb3TQ3opWWGgo22W7ov3B-lCV_zvHh4Vee-R82LksuqF4nbM5M8GbWrrVbOLoNpZGSj8fXI5Yva0iw6_KLQP1cmIFcQ7z-WfwP7yNHY-sx-QawXzOdgByBDha5eXaJf0pS0d87c516hph4v5y1chruGgD0ZA2WzXoLCkBCyyD7p8kfMdnWpk9SrLkOaNyr2-GvNf_T7nH5SGN-KfAZUxNNrKf8s-Li4RET2099y76b2V-6Hak-4aRFfNPxf37wXweBHtkIxAa1JsC1JR7EzOqkMlQ6D2GJylN0dmpvcj6RJ8RH_eR94qm95iPQ78c8gexusX5niYn4C4RRp0Tzk1ilwLjQ9nWjMAUw-QtdsRulZXNfkFxR3xQQMx_H97-9lQA03G-5Zaz3r5rBfZcqyOLNT_24jgsSi0RIjq4EObpZlHEg8iHpLo-KtoMhLYbux-qVGvfWjFyeyD8l7CVsjrq1FUnm_J7GiAxlfXBubgvq4vUoxShYFIZl9dzjNeFruAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0jCfyVZar1taRZobxz_yIy-_XT6w%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
585650888
cache-control
no-cache
cf-ray
77fd44f88e079b98-FRA
expires
-1

Redirect headers

Date
Mon, 26 Dec 2022 22:31:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19c9f9f0-856d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 3BCF 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
1158280
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Z117YdHG4pteuNy8rDl4gFqGp%2BdX%2FqgiEITARvJsZM2ht3WmA%2Fa3gA3L50SF5HcC7NlBmxVJ7Bs%2BHf7FUEpPm9Er9qMmWscqWxC7VY5XOiq32iSvO7YdoF6Of4G%2FwnoaOp3LBX7srY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77fd44f77d9e912e-FRA
expires
Mon, 26 Dec 2022 23:31:54 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 3BCF 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96280
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCa7b%2FzfSg%2FtjsM1CCVVWp4h3LZLwtX1x8d9xlSQ5qzZ3WiMG1Rv9D9G%2BfJLQ1l1zKT0YGM4AZnM8VhOgjWeL8V29f9KEcHW1%2BUCN5WleCgxBm1qdPruT9Dd9meqTcUwi%2FSwrqHJm4FC09OH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f789609bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 3BCF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
799054
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqIuXlyhVnHfgqCzMeN9oWqkhkllVbiPDDdmbhNhdIbQ8Am49AC200n59CMZa8qAyEYWc1ae6vJzpp5EGw9sqncljySXG2gkU8JWam%2ByhodNbDGP%2B%2FUHk7l%2F4EGpi2QTIjlGuRFu6uhbVAuC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7ade8912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
/
partner.o2online.de/a/ Frame 3BCF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMTYzp6rmPwCFajzEQgd3qMHQQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612691X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 3BCF 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88198
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fuu6j%2FCRe2tjDpuLEF%2FEGtrd%2FjUTC9bpPw1Zrp8WdUFLEtFPOqGySs%2BbMKnvvhNPZuCvYRpuHeOKjzfd%2F9TcKX8DP8GwXZ6e8II%2BGwQSzaccFfhopajls2azh7ZJ4Q1c5VqCaL6rPPj0KB0r"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdf7912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 3BCF 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
799051
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4lwznNyfgmaqHDkz3F63TZdtEoRn7DcqN4KHGl60A%2Bk8t%2BrTELFAlk0IiwzkNJEE3geWYKiscc0cj6pL6FVeQ0Ds8McoeOxzLjaJpcTh8mCcsd6V%2Bt%2BxpPlvtXwkToUFw0%2BRZB%2BIbzd01BP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdf8912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
/
partner.blau.de/a/ Frame 3BCF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJDZzp6rmPwCFRkI4Aod_dgA_Q;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612693X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612693X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612693X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 3BCF 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535106
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJHZ%2F6nEFr8WZFNlDCqyANhwyUrW1cZMOAfD1WU7iK1oeWm7SBjlKHhip9DcMsgXcCBzldXil4ejTn9ADaYKkuBfN%2FQuRM0mnKfxHGltqNDTf%2FhFKaJ3Bbqk1w%2FJ494qXh45rlN0ee2kwZI4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdfb912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 3BCF 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2050472
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00ti1xwqUUdJSD%2FFG5lWonmaIPpERtiTXyb9v6ibbPUQ4siwzidKaIadrH%2FRwTqohFuYd5Eu7yih6Xt0PBL14OR6h%2BHLTd6mBX6pHUK%2BZtMV3CziIMrKa%2Bzy0n4mv50%2Bpjldw2TPyoFDhu9B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdfc912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
ztpv.php
www.conrad.de/ Frame 3BCF
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca4810-856d-11ed-bfb9-223141246197&insert=AW&&gdpr=0&gdpr_consent=
0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca4810-856d-11ed-bfb9-223141246197&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=65438f399068363bf4f19dabaaccfcff%2F5928786977640840401&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914711&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2xx97a7xg3rsd5dakm54bk0k1nqcdhttadx817ky72ma5myt0apdhbnr0g38d3xk16xepa61dbctngmd1h9pgbv0hgd9hn7fc4xjykxebxhvgpdstxn15ss174nda5zdfynv0v5xh1vazcn1fzrmj24d47d8m5g0z2csh8n3e0243yv3697f9kx3vqd9gttef0tcap3fpbzt9p953dskte5z9wks6krfxyfe21zn3qqqy5ynfvmmbhsbqxkn09r8rxq9r6y10xhcz40r80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCM_5U1yCqY__uHceO9u8P4du5oAqQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0P37wLaRu6ce1pgUpTCMtxuCG1CX6PIcL0Z6Tngn4jug_5KgtAMhlHG5pZlfoHjwy-RfCD6RQA-zuVRNfcRhtSB3RzVmChoMefh0If_EWKeZda3iS5yBCRgSuf9FzuFx5_jzr6vq5RcK7hDRuogeaaIu7hyhJhEsorSlPo1lXeF1Y_MBlfe8aRp-_frtwkJtnZKeClEB_xuK9xdd6Z-8fMC6LfhPVUiODRBwdJTBhfZqdkb6rw06ZnMK4cLXuIoDUDBPMiyRplSOH3FmVldc4rAxSxbkseNp5gJDgsg9FZUb5G3gqO9tFX28EVCGxhcTZbMPLWOyp8T-Ey7cUyIco0iSQAhkWl5NPW-YqxqIslAmR_-Y6dSjRwdglP6g94BbegZCORkBWNoNRMfK8kLewQYxv0RRfOgcU7CDbAzX-J2UQeeu80IN9AiXmk9rIGDdIVIpFHi-ZR8SuazXkbDX6Td8xzugXeuxoKfGduhKe1klzCB8x-pmSfqiEchUfSPdOY5gB-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3pKsg-82xoEcfVcjtUGIL8Cdvxlw%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
584979027
cache-control
no-cache
cf-ray
77fd44f88e0a9b98-FRA
expires
-1

Redirect headers

Date
Mon, 26 Dec 2022 22:31:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca4810-856d-11ed-bfb9-223141246197&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 0191 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
1158280
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip%2BrAN%2FNTMCPWwigRWzEACg%2B3WE4q5LHBIy9ecJD3Lf8F350SDJnGqm5NfCro9xiyltaft4Vh6kU8ecnurT%2F3%2FjXsd%2BgXTMHK9b9lrlE7%2FU9NXnM0IRS5XB5jX13%2BBzXX49V6E9hkCo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77fd44f78db3912e-FRA
expires
Mon, 26 Dec 2022 23:31:54 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 0191 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96280
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xXCIN7reYRxtfmZhG2%2BwY4h3Pd%2B1GFzfT5YirhlSDQxpHjCozrwLXfeWJKvrnk%2FtZ4r5eeV948Bzzxx2ltBJn0buo3QPKDiFPAQN%2B9r5A7aqz1a8cVQOc9mlCRTMrnoZYvbCFHkpFbWCiaD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7895f9bb3-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 0191 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
799054
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6trPFVDU%2FVC%2Bu1gNluEvdfrsf7OaXVaWLtD1n8%2FroA1kipbuTkSuwvJeVYghL4mshpAOFUJvPyP8PUH%2FTHQbLpAYQOZRzg%2BU3Xv88CAAYEXfBX9%2BL0Gq1Z3KJ7%2Fpx171RaiMEfvHwaHBkl%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdfd912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
/
partner.o2online.de/a/ Frame 0191
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIHazp6rmPwCFZOIdwodtQkJow;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022122623315579855612695X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 0191 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88198
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPjfkKMIV8BlgFmLZHaHO0TYeQGze%2FN4C6v7Z2LKaba2fvcP6VCI91UTyzZF3DK4VJResLE64Khzj0qeG9onRyVniAb07PgIN0IpvVKYifPnqajkjt22L48ZHczrlipgHaWeG2nsbwxlPldF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdfe912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 0191 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
799051
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0LmwKz2PmZ19K4bRCY3bpwzrbypHiJ1yV3OmYMYSUzlPaHotizVBgrL9IwYxcFzHW5m1LppyCzbrlB7mhMTfR1VmkR0%2B16ZrSr8XobSYd6DflpgzJGU4bknBRGkjl1riWwO0ST79otU4%2BQI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7bdff912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
/
partner.blau.de/a/ Frame 0191
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CN7Yzp6rmPwCFcT0EQgdnzsKFQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612689X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612689X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 22:31:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122623315579855612689X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 0191 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535106
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwyeuSk3AJlALB%2FGZHP2ErbS9M4a1z%2FWoYaVz9vIT2Mpkqp78KQ85hSSGhlr6QGxjX7Y4D4QLZrrlRFuCwLhb5qxFInQSs7sWUzlTJvLyh47cXVlO8e9ZMVttWFw8mt457688%2BoPUn3PU%2BS%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7be00912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 0191 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2050472
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mv2%2BLIsFTImsrXqX%2FGGv7wkaZezPDAp%2FA8%2FNbhgUK78MRrt33texquYfgcqEh5hvhvbgQMnGGkb%2B0XlujEvU%2F1pLX6xXvSNfMshqQtxE%2FDqdL6yTnnH2LOi8A2Sc%2Buy9pKjoSMIgJRvDFIDB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77fd44f7be01912e-FRA
expires
Tue, 27 Dec 2022 22:31:54 GMT
ztpv.php
www.conrad.de/ Frame 0191
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca2100-856d-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent=
0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca2100-856d-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=699366883a50a5dd6b5b2c1bf5ae24e1%2F11209568047002995654&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672093914715&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkjxvs5f5rxzk605axabk6ymeh7kzwh00exa8tzz0vceta0pbt666hk4phf7h2hwqs6yms4xmbfqc2jkbwhebcpb5nmgtepv28qyy6dzrz1jgy0yk75k21fvnqg3ewrdd1kt4ge477vnerpj8h53fw8zmb3m96th0taexxf2frzz7aqnb5t8hfdpv1t75r3cekfhqjnbcgrjjt46bzv9t42wgsqestwj6v2zkvt6rk0268rqsd4937b8bp4fe6ph11ff6m21yvy39gbjy1g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0uGq1yCqY7T3HYXa7_UP_o248A2Q4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yNjk3Njc5NTE4NTE1ODg2yAEJqQIIAP-yeNWxPuACAKgDAaoEhQNP0D8h8AVL3hlRfYoXh_oix96Opu8qm32axOenTvWyPTCAxrGH-HYywyK7s3qEsPaiXgjFJNymC6HuYtHlMmZbeMYq-Y2VsZZPFB2EV8TAFCW0ZTNFzwE84zfZ_KcLllG4TwVPlTx0Uaj7XmZ4XTOf2_V1EkwsjBurIBtVbApY6wH7obrITyYqbGDJfDMYcKce875CcG4ogznrr-ptNSzfyAO34SbeqFrONcrdBgtaCNcrh8hy3E7aIG0qku-bEyNZ0as4exVlV2wxg3hpNRINCXRaUX0JydpQr1bjp1w_qnmzMsx9boljWwZedLVrXpPC9ZBzI3-xa6bkKU-ktwZMoilLfxayxOfwFGa5orUHS-MKrMW3okShCTHJWslS-HJYOooU9DVJRrXgq2yiBdVFS68UkSUPP8ijvjS_1UmuaL-I_dhEV_A_PzkY9942aRH2fn3ucDc4C1XlWP3a3n9PdrxPEnrIsjSFHggEw06CIO7_LLlEJ7oHwBRZgrHI5YqyAFgHnOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WNl3nCB-l4M0uQwJp5pdDbhpagA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
585650890
cache-control
no-cache
cf-ray
77fd44f88e099b98-FRA
expires
-1

Redirect headers

Date
Mon, 26 Dec 2022 22:31:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1672093914_19ca2100-856d-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
476
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230023-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1672093915.846086,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
86
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2414 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 71DB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 20:27:38 GMT
expires
Tue, 26 Dec 2023 20:27:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9327 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c28cd8a845a2c3e43c95ee2cd156139ace5acbe84ad78cc78d55ad817c1bd49c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RZVKgI4P7N08rTLBko-Pxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-RZVKgI4P7N08rTLBko-Pxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
Mon, 26 Dec 2022 22:31:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 1570 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0bDet9VWPTI_6SOKD5cMP97pBLPob_U7r92ADOWZzJYaT5D-33hFnbkzFFFx4aX5PN7tOlB3aGpKX11hao8Jm9S8CfMqc_UPNYWqnwtRuV-vxXzGf&sig=Cg0ArKJSzPRUcwIOYSYZEAE&id=lidar2&mcvt=1074&p=221,436,311,1164&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3802804222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672093912986&rpt=913&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:54 GMT
expires
Tue, 26 Dec 2023 22:31:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:54 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
sodar
pagead2.googlesyndication.com/pagead/ Frame 9327 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1887403806901820&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5B5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0Dpx2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT8Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmVu5sVigcFXcZWzddDz1V-qy0Mfh81cQLZ4n8_064zS3WaM9rBwv4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNjk3Njc5NTE4NTE1ODg2GNTEDA&sigh=JpuR6sHtW6g&uach_m=[UACH]&cid=CAQSPADq26N905RUHze6_dfKUdHXawSfLbA6O7iAMr2lcmVvQSaZEwllKOJaGuv1pR_REkJuhRqvkKHXRTEpGhgBIBM
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5B5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7OjE_KUWKwC-gGdg2ICAgAAAD6EVk6PZ0_xDT11yAemKFwQ2iCqY7k9AZAqbUfW0SRgABIAAA&wp=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
214909
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 400D 		151 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0296ec7cab0de78726ec563372bb7070c7f28a8b9faf44d62eec83905d00aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:55 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=y51r3GVPjHilFD_3OoXLQBZDCoX6_ethY3SAjzZ5FZsczu3RTyCgM4c2wTwsqISZO6OEZ0xNZE9KKNWe6juf4kR4jyzOfiHaijVlIteuZatUFT6JhmUMYwcIbuNxBusxfiqj7Wp0QyOYZy4D33wkm8WM4LKLLLSXPHA-cwBUGiciqRE7Asi7IZiL5wosOHy79jiPjZ_S2IhJOT1j07N8aR0D3KAU-JGqWL3O0CNPJOV7108BXQI2Lg_no8c"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
79453610
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5B5D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E76A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Tue, 27 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5B5D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
l
www.google.com/ads/measurement/ Frame 5B5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1ciLDNPF6yGPz_0RqPdIGSpckRv7SpVkXs92M3eL5S8BkCY_sULpyPN-a0dPWWGqqHo-hudu_vq0GYhk9lBF3HQAXPg
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5B5D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
199001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B5D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:55 GMT
pixel
protected-by.clarium.io/ Frame 5B5D 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gl890m2v&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjQ2OTg5MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=6196375&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 71DB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:49:24 GMT
truncated
/ Frame 5B5D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
022c8c70829fb5908171d06c8a30846887150422c4ca0c1215e41604dcb2f79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
google
match.adsrvr.org/track/cmf/ Frame E76A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFBvYj2WboQKrioZRIn-1mI&google_cver=1&google_push=AavPq0OmyPv6OK7CMai-qRGonC459h1Wl4c1Bqtnt9qcrYy7xlUwn8Nkk1bnIb4jzxa-2wn-YCl7ndOZNeax8hDqgLRTwE0CGID04Q
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E76A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBjsDMpfQjanhpEEvYjYYlA&google_cver=1&google_push=AavPq0NF7tAR_FwQHNsAof0Bzz3KteJ4octJcoCFuUR7Av5vhMccXszt-ZlS55XzpMUImAZ_5nJfx3wVFk-TOiGrNpgw...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196424462168016&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NF7tAR_FwQHNsAof0Bzz3KteJ4octJcoCFuUR7Av5vhMccXszt-ZlS55XzpMUImAZ_5nJfx3wVFk-TOiGrNpgwxfM4TxjytQ&google_hm=ll2HefCdS9yWV7lx_h3JDg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NF7tAR_FwQHNsAof0Bzz3KteJ4octJcoCFuUR7Av5vhMccXszt-ZlS55XzpMUImAZ_5nJfx3wVFk-TOiGrNpgwxfM4TxjytQ&google_hm=ll2HefCdS9yWV7lx_h3JDg==
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NF7tAR_FwQHNsAof0Bzz3KteJ4octJcoCFuUR7Av5vhMccXszt-ZlS55XzpMUImAZ_5nJfx3wVFk-TOiGrNpgwxfM4TxjytQ&google_hm=ll2HefCdS9yWV7lx_h3JDg==
date
Mon, 26 Dec 2022 22:31:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame E76A 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGyAzyb_fM_BaUzVHw7SJlw&google_cver=1&google_push=AavPq0OTn-o9KpqpVct3lwOhe0AvkQyFMNwHYX0z0QxDVLoVp5pmL6l84-z3mMjrPX97T4vH6wsinoYoSj7RQTO-1fIab7jBCp1euQ
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
dcda4s409mke731ajiolqv36b1in3fdf
pixel
cm.g.doubleclick.net/ Frame E76A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PgmouQHbclWXiHCGawVxnyKatxaS9OYuP6pb2IRWWKtO8NIuZRNm_jpB5wv1SII3PupoP-ebO82K3bgPTjy4pyPH6LkeTKsA
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uBqWYhNtQvm79Y71mFulEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PgmouQHbclWXiHCGawVxnyKatxaS9OYuP6pb2IRWWKtO8NIuZRNm_jpB5wv1SII3PupoP-ebO82K3bgPTjy4pyPH6LkeTKsA
date
Mon, 26 Dec 2022 22:31:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E76A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENfn4Z1TsZYOGfqe1NygFmE&google_cver=1&google_push=AavPq0OUlMPf8ND2YYafxOMmMeXrK2ILtpvnd1WgBoBg8_yAlKp1lKc_o_wmi16UfPyJkNyFjnS1vOkutnIA...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OUlMPf8ND2YYafxOMmMeXrK2ILtpvnd1WgBoBg8_yAlKp1lKc_o_wmi16UfPyJkNyFjnS1vOkutnIAjb2j5wBMO79G6vFuew
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OUlMPf8ND2YYafxOMmMeXrK2ILtpvnd1WgBoBg8_yAlKp1lKc_o_wmi16UfPyJkNyFjnS1vOkutnIAjb2j5wBMO79G6vFuew
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OUlMPf8ND2YYafxOMmMeXrK2ILtpvnd1WgBoBg8_yAlKp1lKc_o_wmi16UfPyJkNyFjnS1vOkutnIAjb2j5wBMO79G6vFuew
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame E76A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDTD2kMs3ymvPuuRUEhGp7s&google_cver=1&google_push=AavPq0Mt91KolyUnmyc7kROdDQuGYrVVKNfxlcSZL_mzkMZD4LoUKnfHovoYXskKoEkJM3VU5YtzYkeVlZ87dKyl3vf-u7AoG4br
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Mt91KolyUnmyc7kROdDQuGYrVVKNfxlcSZL_mzkMZD4LoUKnfH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Mt91KolyUnmyc7kROdDQuGYrVVKNfxlcSZL_mzkMZD4LoUKnfHovoYXskKoEkJM3VU5YtzYkeVlZ87dKyl3vf-u7AoG4br
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQzOTUxMTU5NjY2NjM2NTUxODg0MQ%3D%3D&google_push=AavPq0Mt91KolyUnmyc7kROdDQuGYrVVKNfxlcSZL_mzkMZD4LoUKnfHovoYXskKoEkJM3VU5YtzYkeVlZ87dKyl3vf-u7AoG4br
date
Mon, 26 Dec 2022 22:31:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame E76A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBza0B-N9B1JmdrDd-46xr8&google_cver=1&google_push=AavPq0Pn0G8CjXCS8ykkjb17-O4TQa0YL720bHoBp8-x_mH517NdyVjiJ7oriRaNTo9RdqMQt7...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00RjYwMDNaRTJ1R0RTa0YyOWJDMnh2N2xZUkowQnR3d35B&google_push=AavPq0Pn0G8CjXCS8ykkjb17-O4TQa0YL720bHoBp8-x_mH517NdyVjiJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00RjYwMDNaRTJ1R0RTa0YyOWJDMnh2N2xZUkowQnR3d35B&google_push=AavPq0Pn0G8CjXCS8ykkjb17-O4TQa0YL720bHoBp8-x_mH517NdyVjiJ7oriRaNTo9RdqMQt7YybD8wTrr4Do2gylN-TGTqKdWPbA
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00RjYwMDNaRTJ1R0RTa0YyOWJDMnh2N2xZUkowQnR3d35B&google_push=AavPq0Pn0G8CjXCS8ykkjb17-O4TQa0YL720bHoBp8-x_mH517NdyVjiJ7oriRaNTo9RdqMQt7YybD8wTrr4Do2gylN-TGTqKdWPbA
date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame E76A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL5r431momXjzoNCDlDciqldz0y5w0fDmoZ0OsfHhxELJBFdC39xhCXXrMLZiv930jVqKCiA
Requested by
Host: c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 71DB 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AZyNew
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 400D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 400D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 400D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 21 Dec 2023 22:31:55 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 400D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 21 Dec 2023 22:31:55 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 400D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=y2TfExhJds-uODI7-8xJPc56KlGfI5s6qM48evN3f3Po9uLAEZneBX2wS4vCVdtxzBfljR7uOM7oY9rDX4xe355L9hECZmip5Z2rcvD_DIC5iG69ebYShDMfHb0_4xq1farq9vb3zcLVEVNlDF1VTiam-reM1jJVKAGxVOWyWBDNPT4qKFA1Ch7uCx5uVk6DoR0Wes05Cw3Yg7pdRdUB_bmYSeHEAnHj_hGjsnkwtl-k2-nT-I-I-Tl-ufaGF_xnt-AxfBODf48rk0alNejPISdc188zFqjzWLcKKql4n_PKlhC4U843a6bG2LZtzoG6oKQ39X33t4u6KMFYAH637QgBMSg0Mie_5iL7CjG8x4-sEj-XEPBkL3FTZteqIL4mfgzttJi2oGKhCP3CerL3CQPcRhG4zV1PZkFr75JnztoD2ISk
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4672690
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 400D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
438163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2F68RvK8IxvvdMjBcjp0WWG0fGmAWAqVJ%2FR4dwRp9Zzuj6QxoVzUfT4T4lJXjVHg%2FlCz1Q%2FmVH95fKIyFaaSrDtTmQfKpx8EDwELDXMlElspDpkIW4vRLKDiKPf80icYdlmE9kqAhqjIRN33WSLNI4Xq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd44fb4a9f900d-FRA
expires
Sat, 16 Dec 2023 22:31:55 GMT
animejs.js
static.criteo.net/animejs/ Frame 400D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
e16bbeb08cad4eed824b4aba70e9b3a6_gilb__.woff
static.criteo.net/design/dt/ Frame 400D 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e16bbeb08cad4eed824b4aba70e9b3a6_gilb__.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
07a19f4ab2cc2f9c0f975221e3ec83b1d1f00de764e366a1b2706a32222b1401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Mar 2018 14:42:43 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5ab3c0e3-9e14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
58c75efece344ebfa9a2c55cf3f7f0b8_gil___.woff
static.criteo.net/design/dt/ Frame 400D 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/58c75efece344ebfa9a2c55cf3f7f0b8_gil___.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a049b746d5a16d9e2ffc5c52c9dcdb88ad3ae95a8159ecab60517636129e6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Mar 2018 14:42:43 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5ab3c0e3-a414"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=12626&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12626%2F221219%2Fe5a1382806fa4d5cb2f6acbab0be6d7b_img_vertical_2.jpg&v=3&w=1200&s=7YGpTWnOjuhm-8cmBi1c_gTY
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
cc59945990b94dc04f0f77e8d89597e06a36456d45d311d1c9219f827ff79b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30476771
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
53568
expires
Thu, 14 Dec 2023 16:18:06 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FRPD50S019-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=htUTO4xJl_hOuYHX26HEoBS0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7ecbb1529819f6036d9f0ca24e81486fd683cdf50b13400e8b2b2e3608469f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7488
expires
Mon, 26 Dec 2022 22:31:55 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FRPS2468986I-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=jNPn0dT_X7Rb0PzRa5KimkG4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
69414cc85efa9a6b1107fd77da1d71c180cf083adeafc25039746f70dd7194fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8814
expires
Mon, 26 Dec 2022 22:31:55 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FSBD49V141J-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=ayVicJE7-bLSEYZr--Kt3gRE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ee5f9288970a3587d55d576ba4a6a63003517d374ff991561392c95a0220e11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=216
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4510
expires
Mon, 26 Dec 2022 22:35:31 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FSID96C142J-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=HY8xWK6xBVn-wA-i-SrzGqQ5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
29722934233472141b7508292ecbe20a0c9560e5bfbbbfc6c357933cf6942006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5330
expires
Mon, 26 Dec 2022 22:31:55 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FCMD12F019-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=_xVgi9bKTfA4utZM85Nvn3vB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
97d0fdf2c0f531a018c478da0c87d92287e308a785eaa01e3ee85941a60efaf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6172
expires
Mon, 26 Dec 2022 22:31:55 GMT
img
pix.eu.criteo.net/img/ Frame 400D 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FSBD49O_044_F.jpg%3Fsfrm%3Dpng%26sw%3D400%26sh%3D600&v=3&w=400&s=h93FBCtI0Fyuz3f3Z21d6jNk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4b85a79cc2d174876bc4698fb58a4e417ebd6e8b360a86746fc9a67ff9ca6283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
946
expires
Mon, 26 Dec 2022 22:31:55 GMT
all
csm.eu.criteo.net/ Frame 400D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=y51r3GVPjHilFD_3OoXLQBZDCoX6_ethY3SAjzZ5FZsczu3RTyCgM4c2wTwsqISZO6OEZ0xNZE9KKNWe6juf4kR4jyzOfiHaijVlIteuZatUFT6JhmUMYwcIbuNxBusxfiqj7Wp0QyOYZy4D33wkm8WM4LKLLLSXPHA-cwBUGiciqRE7Asi7IZiL5wosOHy79jiPjZ_S2IhJOT1j07N8aR0D3KAU-JGqWL3O0CNPJOV7108BXQI2Lg_no8c&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 400D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 400D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2414 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn0Wt8uoXikL6fXi5DjJBZtZhEJVv_SoB98RBdwIdGrQRrFseXTBGA8p_hwiTT9h2RmR4wf1U_ycZpFfCdTY4qcqfL14zPvYrthAJkh-AfjHboe5_L&sig=Cg0ArKJSzJ1Fz9O0AkIwEAE&id=lidar2&mcvt=1000&p=354,1024,604,1324&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2303525361&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672093913018&rpt=1746&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1887403806901820&bg=!hIelh8PNAAYgquz3AKo7ACkAdvg8WuVxhhO6h_nVgkemrrMd_r1Rzxer9NX-tBFXrz9IwUmFasrZTQIAAAB7UgAAAARoAQcKAFQaRDQI_ai77Uv-glrWQV2Wt3sW4K9Pz_mcc1FFW67vmfe2j33A_PIe0H1C6PruebJ-furQMekFBSnOb7N2oaTXy2tFwCx3bzB9HyrmWwa8Qvi95NKZAwKBFO2tAyzV7TDiBMLrRPEWBy7vZA0TJQLv-w_sNhtjIePtIGVdoIDcAgQgcQHg3jBAu5v74z-sps-J75r64AhQbCcp5z52gWQCugARSzDU5rJcaoGd-os-fGgZs4sjMkhgO32peUzkcVNhc2pUXAe06HpQyLzdM1kCq6i2jGzdnQDvLKoklkyGPXBDs7KNOqtvkSrDgSCsPMkJBV3xAgVKj2yg_QhB64NEdeY8d3gEY0JkAO5L3M_aAG8eoPlMmObPFiFekxwWrTILQtU0wY4ebDgGB2ls9Ld2fJZ_oaKCepcWWTeRI50-g4poXCVg8_KBDX3rgepjZSdYzevQXzlhfOFT3j2kBPULgSZGA_JwOnGWf5N3VC4DHOE0yU97IFYh-LAINSt7CYdoNcfCCl8bG2D5S6Fvvla-clm7y9izmrU7MXc90RTNq8VNU3kRVcxjRykRHLlLZYW6wNHPQ8iTlqpSK0bLZYZhQrC0SXpeYP2yPCcnOMBMJhjrgb0lTLqfhSSGVU4McB5MvzbS4hehPiSW9UZ9V3kL2scXrbIr2gim9HV7ey48KbsABAOLkasTYdtHSPcNerSBqIgqF71xm8wrtVSGvgn5d9RMXZrpu0y7TLOXjWUg_3bJ8RkR-X6pM43mg4WZuHPhI_fNywq1RUe4JzhP3LIyFBZhMZBP6qicZ6EC0FKGzZhprotWb594hWhQV_ASuQKnVSJoG3khk-5ARdRwIvAWLXoGkefI597iroWo9xbRKlQde2jtwpazRGi3BonWKkQImeWH4kusr7Etijj2aNKXmBIoIEAu0fcTQoajZoicSJWdwfRYM0pHPRwg9VPtDj_K7fnz-zPgmlWMi1jm7IJrAI2QjIKDiN7gshGm2r9p2wsSFq9H_WjTjQXNPpF_2DWuWgKK-GrHbO9_j0r8Jib0I_JnUxmQAhsB8dTkA33crlYk6kd2ZXilQ684BA7Up1DbX2t8WwQv__OriO65pLaW_MH94V0HoUNXRq1vniUC-IvMrLhtYM9ElA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
product.instiengage.com/ceu-code/ Frame 9FF0 		370 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef0837a509d691a6a76069c2e71cb435b37c24db45d03ab2308218d256e9bad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
itvBLrzl4PQpOXxg.aSvzygOV03Bdc_Z
content-encoding
br
via
1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 22:31:56 GMT
last-modified
Tue, 04 Oct 2022 16:29:39 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
259
etag
W/"f8c9913d6d4f80c23adb1b50dc580656"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
TapELtM7EMnB_pE4Lk3dWCO4RxWEWejfualL2AlDntPnp-NYClgBoA==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1070775458&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&dp=%2F134cd2a0-7eab-4f89-ad56-f416cc5743c6&ul=en-us&de=UTF-8&dt=Migrants%20dropped%20near%20VP%20Harris%E2%80%99%20home%20on%20frigid%20Christmas%20Eve&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHHAAUABAAAAACAAI~&jid=1332055836&gjid=1379756308&cid=1495739541.1672093911&tid=UA-123718506-11&_gid=937555741.1672093911&_r=1&_slc=1&z=1938703886
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame 9FF0 		245 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.121.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-121-131.compute-1.amazonaws.com
Software
/
Resource Hash
6e79391c115046bbbaf82e7f9aa527597fb4e1bfd9f6ce4f1fcdc8b4f6fdb5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:56 GMT
access-control-allow-credentials
true
x-database-date
Mon, 26 Dec 2022 13:37:06 GMT
content-length
245
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9FF0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
T2IjPTIo4qchLnC2G3GrIcEa98kcWaxz
date
Mon, 26 Dec 2022 22:28:24 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified
Wed, 13 Jul 2022 16:30:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
222
etag
"591958545714b5567fc57c2f4c215b1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
REPLICA
accept-ranges
bytes
content-length
3973
x-amz-cf-id
6TnYIJi8VxE_cUWGutz7oaH_vbvVgvGUM8ORX1yTwJOVCEpBDjUVhQ==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9FF0 		649 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
date
Mon, 26 Dec 2022 22:29:46 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
170
etag
"b673377b664a0b33454c267d911fcfc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
649
x-amz-cf-id
KiguexRN7pD173z4D-LaFVw4bAPAENTUSTV17ljhd0Zf8cKQ9-6Ovw==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9FF0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
date
Mon, 26 Dec 2022 22:28:24 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
220
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4833
x-amz-cf-id
beL805TJl6hZXWlJWia3tDwHtjvWcjZ-ucIXA2dAL1WpvrEduvehBQ==
contents
cms.instiengage.com/v3/ Frame 9FF0 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=e5666664-52a2-4b8b-bca2-c3f0a6d328e9&cookie_id=null&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.121.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-121-131.compute-1.amazonaws.com
Software
/
Resource Hash
4b08a4e1249d15a5528ca608417b9eea11b7950b4d8ac9f892456ebacb26b488

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:56 GMT
access-control-allow-credentials
true
content-length
19223
vary
Origin
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123718506-11&cid=1495739541.1672093911&jid=1332055836&gjid=1379756308&_gid=937555741.1672093911&_u=aHHAAUABAAAAACAAI~&z=1307943841
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 26 Dec 2022 22:31:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123718506-11&cid=1495739541.1672093911&jid=1332055836&_u=aHHAAUABAAAAACAAI~&z=289879069
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123718506-11&cid=1495739541.1672093911&jid=1332055836&_u=aHHAAUABAAAAACAAI~&z=289879069
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrgaDUof2leEJMoB1cBgC9AjYGLj9aIiEbfbTAOMQgBlR2mN01VvwlR1kSjslqBLmGUtZ1ndZ9kvgPDieETpo6iOE&sig=Cg0ArKJSzD9-_w0duP81EAE&cid=CAASF-RosV8TA2p-ws6Qq-eDYG9LnpO-lV4g&id=lidar2&mcvt=1000&p=354,1024,604,1324&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2933112504&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672093915062&rpt=394&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 400D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=y51r3GVPjHilFD_3OoXLQBZDCoX6_ethY3SAjzZ5FZsczu3RTyCgM4c2wTwsqISZO6OEZ0xNZE9KKNWe6juf4kR4jyzOfiHaijVlIteuZatUFT6JhmUMYwcIbuNxBusxfiqj7Wp0QyOYZy4D33wkm8WM4LKLLLSXPHA-cwBUGiciqRE7Asi7IZiL5wosOHy79jiPjZ_S2IhJOT1j07N8aR0D3KAU-JGqWL3O0CNPJOV7108BXQI2Lg_no8c&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og2gAMphUIu-KIAA8y16TsXGgQPY0ny90tgw&u=%7CGLt41UjbekwxR6lQACd9Zcpmr%2Bn4iz2hW570W167Gjs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRFAsM8HTJsVdISiCnWsB3RHnfztC9z0fN9qN5Z8jQWtyfXjMSEUbvMc4rP1p3ipdApwHhhnMPkrrDqJWdIKBX3o-dX6gwIipLVm3U029RfAKG7KYiuVHXf5E_lTluuPWJsrzoIkEHAfSVx4MH62_mZ8jIdG9l4Ez3FUDd0koJaffY_Hj4V5t_B8r8gWzp_hdz7hpl8QoNmnB-UM8eBMbd7dP40dXK43Yv6ZGD0Faav02S0jRhrimCOKRDXBAdAAfpTXtrnBSoYzPP14Q-GFO4DQk9wC7JV2NSa5e6QnFXNCQngIMt6cuRT2myfoJljjHwuncS33Dd318iJsLYksUuxiwrYDWLQ1zPcs_GDHLVJ2RW3sVrdz8ZDJdLlWrBmeA8GSnQvXHBNmZtydOA4jXzTw1tgBYGueu08ntbwVH4fbnzUAsmbnMNjPpjPPPj3eExlNekfujoq2-R5cOvh-Svz3Y62wkpCqSHEE0dm9a8T3-YmIziTjtlydQ4hItwoqsGoVN4hBCsHZUzXCiAzmuBxTJFJnDhtaHJY2ZoiYkQgWt8-2xXut4tc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFQ5c2iCqY5XMMojF7_UP1-W8qAjJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAggA_7J41bE-4AIAqAMBqgT_Ak_QaHMA6Z6AOGW9sY3RkrL4AbuBjuotaJKEUZYU0i29ULRIoo5jLhIX76prnaUnzmyDOh3ewQLip7qvcBgk5ZuPu5JWZCfs_LoOFA5qs11PG1uYCrddoq1blYHZJGI19hz60GdsJrIaNkVBSvXq1kaNuz4fHNHAKJCAg-JUtAiotveCJZXPYq__piUrcJAUoYCkrTrDvv2uCq2jW9v6MB9rxZGI3LunKQ-vxLjyN-bBHZAc_Wwg4GjcbOFSuO46vt7EgrQ1E6VdmpSvORZ46vxnBV-0fwTk5rr347Gyx_-Vtt6Voqz3Oy8hEEyjQ7o5CgrGSR8LVURU2LlJlEOvnkpng-Rt7no3fUvsDnq0xta1IRzkLUI0gJ2GjyXEf96mO3c14-_8vszp332KQyvtrhy3l5BIAof6HJahcrNBJHi5ssX8uj7rA_b0zS6infaBlDwlWZSXmRm7kMon_8nP2vDJ1-zI8RK7xM1X-XkIryrvzlvIXCqbQSaXKA-QoVut4AQBgAaXpv-Rrde0kdoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1VWA9m-uOzMly0nmexjV2ev7IAKg%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
ff22c107-6012-41df-b533-42b43440396e
static.instiengage.com/client_images/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/ Frame 9FF0 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_images/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/ff22c107-6012-41df-b533-42b43440396e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc67f48afa808c8c8f95c8e8c11cf7f8d57d96fb901e8548a2dd2b61f9b1c2fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
6vvtsoEgEoX1q9LK9W1dY9aQWqo0FqDY
date
Mon, 26 Dec 2022 22:31:57 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 13:11:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"bdfb420c1e288cc142bf3dd59fdfbd5c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
accept-ranges
bytes
content-length
122957
x-amz-cf-id
lh58n8oP3uNRh-VOYIhmv_ADNBjYNMXpuoR9soiuuubuPoLM93fj8w==
bid
ap.lijit.com/rtb/ 		24 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2cef8950fd4af5f1d508b82f7d3c873674e706c521353f2b3f77b809630d1945

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 26 Dec 2022 22:31:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969da301757594a0c49518afc10016&pos=8a9695e3017777b66e76bc36403401e5&cmd=bid&secure=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fed5afae687d10799297ab565e67a6db3b8c7831871a951f98c0e2a828dfd63f

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Dec 2022 22:31:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		94 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226756a3ee1d02a5%22%3A%225ada8bc6024f756e9ec4%7C300x250%7Cgpid%3D%2F281191609%2C5136785%2Fcityspark_oahu%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&s=40865964-f89c-4400-bdcc-a70e2becd845&pv=063a2288-79fa-4c79-a27a-046a79238f69&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%2C%22keywords%22%3A%22Politics%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200049%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
769b4ee09a1f16f722c392c866ac2e344639c5d54f32cc859b5758b0a947ca94
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:31:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-143
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		137 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ab8a708676ef778b44f5da980a7643485aa1dab7fa3db3f4748ec193fff4b5ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:31:56 GMT
AN-X-Request-Uuid
96978134-83ba-456c-b931-b496f97a8fd5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=359592&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2298240703aad035%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%2C%22keywords%22%3A%22Politics%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.13.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F%22%2C%22tmax%22%3A1800%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22ahm_widg_id_0%22%2C%22divId%22%3A%22ahm_widg_id_0%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210895d09a89189d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F281191609%2Fcityspark_oahu%22%2C%22gpid%22%3A%22%2F281191609%2Fcityspark_oahu%23ahm_widg_id_0%22%2C%22tid%22%3A%22702afdd2-90d9-4df9-ba03-d0d7ec8dda00%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200049%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d194176a273a86feca5fb1dc7a1d9e1ded662a6653c61f87054331351ac27fe

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FFsWi45gK0eLMwj6XmcKlT%2BiAcwxcB%2FfwO6riOEydmj1o4BA4IYZqdRykytTv0k%2FKRmbRA5qS%2BnVMjdMP3ZEc4l1F9r6lU9LQKQ%2FsOHtt98IRtI3abnBSLqT%2BiB%2Fu4WnckrAbfv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77fd4504c9cc9091-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Mon, 26 Dec 2022 22:31:57 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3230147019992116&correlator=1036208249734691&eid=31070873%2C31071093%2C31071151&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=281191609%3A5136785%2Ccityspark_oahu&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=22&adks=1413280974&didk=564184613&sfv=1-0-40&prev_scp=frstlk%3Dtrue&eri=1&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3Df331695c6dc12b2c%3AT%3D1672093911%3AS%3DALNI_Ma5hPQ3nVcqHDgnu9hrZKfj0rOxag&gpic=UID%3D00000b99026d4273%3AT%3D1672093911%3ART%3D1672093911%3AS%3DALNI_Mab9hpat4azlL26VvvV-EP84Z-jLw&abxe=1&dt=1672093918713&lmt=1672093918&dlt=1672093909331&idt=1663&adxs=1024&adys=1894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=11&ucis=m&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=1495739541.1672093911&ga_sid=1672093911&ga_hid=1070775458&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi3pcGE1TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBillcGE1TBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YpZXBhNUwSABSAghkEhQKBW9wZW54GKiiwYTVMEgAUgIIbw..
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed2f1d0b5e0007acc1ff34b70f9b9090fd7cb87e6eb2bde72a49cd6cb3c05bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10182
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 19C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:51 GMT
expires
Tue, 26 Dec 2023 22:31:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 19C9 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:5a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
xJUdICquM4oKT449krCHztTk_4l_Xs3L
content-encoding
br
via
1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 21:51:49 GMT
last-modified
Thu, 03 Nov 2022 13:13:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2410
etag
W/"3ce6a7637e3e0b41a7cc4d619da1f7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
n8jUMkb-oc9gMOwQOmURc2c5RuGaQqhhz1aGsX4UmwO4lIzNp-ADYQ==
adview
securepubads.g.doubleclick.net/pagead/ Frame 19C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpYww3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgTyAk_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7JOxXY0rDtRNQohbtr6XFKHyFwvIYAnrk5Ymia-gfJn-7g2GndtHgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjcxODQyNjIzNzYxNTYxMBih6Ck&sigh=XDc2Q-Bf1-I&uach_m=[UACH]&cid=CAQSPADq26N9QXimqnRx3yG8pG1dMBAAW4aN0BkJvWQTGNHnKjP2uTj0J-lFqzuzxx_G8Phl5QAAGDXE7-J97RgBIBM
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 19C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k525EvKUWKwC-gGdg2ICAgAAAHDupmh9B3kcC3qIsKZOUjYQ3iCqY4WXFn__guVjGz2dABIAAA&wp=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
2652940
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame E0AA 		136 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
67ccceee353f5b1b16b7e88c1a0bfe402b7738ca5b066c3a5d514bf6aaa26e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:31:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0GXYiGVPjHilFD_39FmdD4ZmjUKRuyab42MBj_WpLkBfY4ztgXZaerHqHZzO0q2-sT1sg3wzcdXKBic3aVJnFWFFVwxcxgM-JpeRCwKmi0M5ZQshOydr3ObrC9EoytCug1x-lP7MzN4L8MAOYJsnNeB-zMtc2zuofDYCbGTesWBOORZ5tGzCFosXHGIfvwFH_Se_qNFSZ1x9QGXe3YbDb5QQpbGN0bzeBj8QjTGtEqI5ciA3Qegsv5hbfZWUcJAC5_LFHQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
56970183
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 19C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 19C9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35928
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
l
www.google.com/ads/measurement/ Frame 19C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPlBDLXNZ73yTHH4gXeWmtn2gXkLiDj0kMErXaLNL6mFxfVp-m5NMMnhZZwd0jyzgOIZvx
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 19C9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
199004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19C9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 22:31:59 GMT
truncated
/ Frame 19C9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ee8ccbe444af7420f762a7add0a249e00725cbba8a4b9681ea4434edf213b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 19C9 		0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=654796
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ2iZCE637xTPRnfpzwSKVcG0VF9yhYDp9DZ9zSO6ihF%2FnYI7rwGOok1fvQo6uLWD01LGKLnxEdQ8lNFvVuQ7WQjSPuqYHLvwJYm4AZnpMTrk8iXdyJie79lM9oBPuOzefIy%2Fu%2F22mNXVTPMYW%2B9PYY52g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
77fd4511cc759a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FzR4j2z5AfP-LH4Bnjgx
96b920a2-0a0d-4a91-980a-f7e5addbf9ba
https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/ Frame 19C9 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/96b920a2-0a0d-4a91-980a-f7e5addbf9ba
Requested by
Host: f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
URL: https://f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
privacy_small.svg
static.criteo.net/flash/icon/ Frame E0AA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E0AA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E0AA 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 21 Dec 2023 22:31:59 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E0AA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 21 Dec 2023 22:31:59 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame E0AA 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=x02q4thvpYMFLuLWNcC0gmWBWUAl8mDAULCTw1lob5SXmMp8WYT2aSZEVKoi_-aA-l2j63VfFYsyg0IAy87mhMvG8Hp-JYlZEKrULfPvN96HgvEfjP7csE9gwxd-NjCAR2UINVlWOYusKbK8C4naDO4rFskdZTLpTrtr32E84aQOoNzizC5Fqpl4eveO-sKpiuSHmkIJZAlb50jR8Etb8oYtG67TUjPyUnZLeSV5cb80gFFbBFSvnOvnroW2A3NOrnWtsaYHW8rVAoE94rp4orHuufl5m9TKGJWmGOd3ipJ2I2R3ySf7AKzld7QSaGSgWrBZllziIzELKfAHYf10P72uXRHUhdCd4N7HM5bZMQBt3rgeDHcC8Go0ZtRapzQ4xTUJGQt9YPSzAZXzQhaVoVvVptBNHc9VVIcoKfD82yxNnRDNVw2zhC-FH77w4M-hHNti8A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Dec 2022 22:31:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4635298
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E0AA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
438167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJBiYZkRmTSYj5R16ToAfUBWmJm3yqp8kyPF5Fsm8fMvh8AuBBzUa9Q1fdyxhgnzPig3s5POfc8N8aB0Uc5WNUUbBBf0crDIWAVgGlr%2FfxqcLB6yuNlomv7FACuY4RCAjlORJ6ln3xkDbSYbVAZYGzGc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77fd45121cfe900d-FRA
expires
Sat, 16 Dec 2023 22:31:59 GMT
animejs.js
static.criteo.net/animejs/ Frame E0AA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame E0AA 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame E0AA 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
img
pix.eu.criteo.net/img/ Frame E0AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=91953&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91953%2F211214%2Fb9c57b3a1c1041d88e6b2f0db631a78b_logo_smyle.jpg&v=3&w=596&s=BWXKS-2-T6gu-H_pWaDWFl61
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3bab5cbb8a7bb3bf2bb64d969fe1d30dba61a7c15830da82bba8815223d6c745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30530981
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2192
expires
Fri, 15 Dec 2023 07:21:41 GMT
img
pix.eu.criteo.net/img/ Frame E0AA 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91953&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F463f0c9a-db52-4881-860d-02d7668e2a79_b01e63d2-5531-429a-b66b-9cb358387097.jpg%2F1280x960.jpg&v=3&w=400&s=BdSCEBLPo6anzWH-xgBg1qbV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
cdcde63736dceab510901079c6464de0844f12b26f85172ab8ec2437c085bace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=362356
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14240
expires
Sat, 31 Dec 2022 03:11:15 GMT
img
pix.eu.criteo.net/img/ Frame E0AA 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91953&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fc835ad37-1cc9-43be-9dad-9e5846f5a5e9_6fe1771c-0602-412c-a6a0-cb448622da93.jpg%2F1280x960.jpg&v=3&w=400&s=RuYAAhsHNA7cAJMxd3a6SSnx&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b5d4096ebcf4b95e6b11580b008a427454ea743cd79813da6800204d7fff182f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=247601
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33578
expires
Thu, 29 Dec 2022 19:18:40 GMT
all
csm.eu.criteo.net/ Frame E0AA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0GXYiGVPjHilFD_39FmdD4ZmjUKRuyab42MBj_WpLkBfY4ztgXZaerHqHZzO0q2-sT1sg3wzcdXKBic3aVJnFWFFVwxcxgM-JpeRCwKmi0M5ZQshOydr3ObrC9EoytCug1x-lP7MzN4L8MAOYJsnNeB-zMtc2zuofDYCbGTesWBOORZ5tGzCFosXHGIfvwFH_Se_qNFSZ1x9QGXe3YbDb5QQpbGN0bzeBj8QjTGtEqI5ciA3Qegsv5hbfZWUcJAC5_LFHQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:31:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E0AA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E0AA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:31:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Dec 2023 22:31:59 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5C79 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: americanhometownmedia.com
URL: https://americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11301
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Dec 2022 22:32:00 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
52, 82321
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230028-FRA
X-Timer
S1672093920.401156,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 490F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: americanhometownmedia.com
URL: https://americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1027
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77fd451a897bbbad-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 26 Dec 2022 22:32:00 GMT
expires
Tue, 27 Dec 2022 02:32:00 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 5C79 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:32:00 GMT
AN-X-Request-Uuid
716857b5-6b69-4940-8656-97d13c7f141d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=2344b8d6-a57c-4755-9ab4-af67c848d417&pid=2473dd71-f055-459b-8be8-da7975026c1d&dtm=1672093920864&qnm=_matherq&visible=1&tabid=6139f779-c1fa-405e-9ce2-8e0a8fc52872&url=https%3A%2F%2Fwww.staradvertiser.com%2F2022%2F12%2F25%2Fbreaking-news%2Fmigrants-dropped-near-vp-harris-home-on-frigid-christmas-eve%2F&vp=1600x1200&ds=1600x7904&tofa=1672093911&vid=1&lvidt=1672093911&duid=c5781a352b63e704&fp=983239506&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MjA5MzkwODY2NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMi43bWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiMTMwMSIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiMiIsImRvbWFpbkUiOiIxMSIsImNvbm5TIjoiMTEiLCJjb25uRSI6IjM5NiIsInNzbFMiOiIxMzkiLCJyZXF1UyI6IjM5NiIsInJlc3BTIjoiNTgyIiwicmVzcEUiOiI2OTIiLCJkb21Mb2FkIjoiNjY1IiwiZG9tSW50ZXIiOiIxNDM3IiwiZG9tTG9hZFMiOiIxNDM4IiwiZG9tTG9hZEUiOiIxNDQ4In19
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-131-223.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 26 Dec 2022 22:32:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
all
csm.eu.criteo.net/ Frame E0AA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0GXYiGVPjHilFD_39FmdD4ZmjUKRuyab42MBj_WpLkBfY4ztgXZaerHqHZzO0q2-sT1sg3wzcdXKBic3aVJnFWFFVwxcxgM-JpeRCwKmi0M5ZQshOydr3ObrC9EoytCug1x-lP7MzN4L8MAOYJsnNeB-zMtc2zuofDYCbGTesWBOORZ5tGzCFosXHGIfvwFH_Se_qNFSZ1x9QGXe3YbDb5QQpbGN0bzeBj8QjTGtEqI5ciA3Qegsv5hbfZWUcJAC5_LFHQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6og3gALi2cIu-0FAA4G_pkacVNyyZOH0ZwheA&u=%7C%2BnlFFgoEZal3BeePt%2B%2FXy8MSkhkPrkB%2FYQ8xZnKeklA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf3diV7C2_VUKApo2Mqx7-Zupv19uV1_rqxJenF4uFoozvS2aeZmzOQpKLRmtg5XlLKaMpFzkuDoGTYM4w66-izzccpRkxhMVMxnvfHyD9KuK15KqaJtrmOTzyryAs_X_EtGAe2WDBvdFlR-HE6cRQe_a2PVGEw_AbTodwJ4IZDAR1vmXjasPKP-pwreonoV6Y7170gq3YMJpiLHS-QVEoK-GLdysKY-Nuz5a1-uPD-9eF3GmTIcObj-evTDH-MUGli1QRwEBFqmC0xlmoVoZwi6m0WotyIPT92SC5lQJE7nngUj8RiTQu-RLXgn-lgen_NIOe7L7g2PYuaVnuEOQ8sKqdIxoRYijQEzUQ-tcH4-gZwUarbsrHOXyPLEKugdvVq5aMt4dn-myS7de9Dg0uML_ugWnrmXpu814I1nJKDIdJ3PWRvdnn6mZL6ZGLUa5IytmquBDQyFXe2pYiBEddmQT1WhBsQs1ebBwnVQdH0D8CskMAvoxrBH33BMHj8tTljG0iP8ekpidgq4UirSwQGpexjWAeAWMZTKZz8PokXxELg2AMFanatQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9UcH3iCqY-eWLoXa7_UP_o248A3JntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTY3MTg0MjYyMzc2MTU2MTDIAQmpAggA_7J41bE-4AIAqAMBqgT1Ak_QslCKWU8zTkHCpv1UgXrsV-nKOWQeLtsu-0fzZ6cxXXwofgX6NwumljQH2b0TzCcJkTb6-DO7dQt_8LEB6A6Y_ghyaPkcCg4jQFmHS2RmtHJuyjmI-NHGzs_A2yyMXf-gFjBZPqVH4fR4nkgBHCB_FWncErqenJidwy7yPASe_mhk5QodsXmsIHBbgY-s60lhcIpRmbryKa05L_rtNqPOSrFqKom2a1XTNy8Z6iaNp5JcandaJV5XwZE9dMqvVBFDzCVgsYl81ejqPzncij2LVsFQIJ4XT7EpcDy8tIHCN8G5PEwANiWoCaV6ft1_Lwq1HOLlWS9vefP7dn2NWPnJecIH6ZGVBcFQqe-6XklDgC143RK2RI5JBNB9TYIpVEj8ejZBVzV7dXJEj0AfwA7fqcux1bWkMMkQIpA9cXZ881HAywAtq6G5Y5A7Zu528c1MKQDvPgJOf5hj0HWRyEQSLGJmUUGfzRqgOFOjBssjZW7q9XDgBAGABrSFwM3Ts_-4SaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTc3MjgyODYwMjE4MDcxNDD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s1yNmfPbfK5VhiFpBOTm8LlTqzQ%26client%3Dca-pub-6718426237615610%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Dec 2022 22:32:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
async_usersync
ib.adnxs.com/ Frame 5C79 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Dec 2022 22:32:01 GMT
AN-X-Request-Uuid
672b9315-5052-4520-bce4-916f148b97e9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insiderdata360online.com
URL
https://insiderdata360online.com/service/platform.js?ran=0.7737789000813813

Verdicts & Comments Add Verdict or Comment

413 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| oncontentvisibilityautostatechange function| x00_0x3dbe function| x00_0x50d1 function| x00_0x1b5a function| x00_0x3e98 object| _Scanner function| pbjsSetConfig function| getGTagAdSizes function| getGTagAdSizesWithLimit function| executeParallelAuctionAlongsidePrebid object| PublisherCommonId object| PWT object| pbjs object| googletag boolean| gptRan object| prebid_bidders number| PREBID_TIMEOUT object| bidSlots object| outOfPageSlots function| loadPrebidAndGPT object| apstag object| slot1 object| slot2 object| slot3 object| slot4 object| slot5 object| slot6 object| slot7 object| slot8 object| slot9 object| slot10 object| slot11 object| slot12 function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| adblockDetector object| GlobalAamNamespace function| aamsitecertifier object| _sf_async_config number| _sf_startpt object| jwDefaults object| webpackChunkjwplayer function| jwplayer function| createJWPlayer function| loadJSON function| shufflePlaylist function| updateJWPlayerThumbnail function| removeVideosOlderThan function| createModal function| openModal function| closeModal function| createJWPlayerVideoGallery function| populateGallery function| createJWPlayerAdbox function| createJWPlayerVideoGallery_homepage function| populateGallery_homepage function| createJWPlayerVideoGallery_dynamic function| populateGallery_dynamic object| Insticator object| _taboola object| google_tag_manager object| dataLayer object| google_optimize object| _comscore function| __handleUspapiMessage function| __uspapi object| str1 function| clarity function| matherSubcribeClickEvent object| HSA_OBSERVE function| lozad object| _wpemojiSettings object| ad_vars boolean| isCommentsLoaded function| loadCommentsScript function| pbjsChunk object| _pbjsGlobals object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar function| isToSPPAccepted function| setToSPPCookie function| getTOSPPCookie function| createTOSPPCookie object| AdRefreshControl object| addComment function| setHSACookie function| getHSACookie function| _ object| wp function| Popper object| bootstrap object| StyleFix object| PrefixFree object| teads_analytics object| _cbq object| apd_options number| ordnumber string| sscUrl number| x object| atsScript object| _cb_shared object| twemoji undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| InvalidInputHelper object| tags number| no_of_paras number| p_tag_length number| j number| k object| pelement number| clength number| ilength number| this_iframe number| pos string| tag_text boolean| next_iframe function| joinNewsletter object| cswidgetoverR boolean| apstagLOADED object| _cbm object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| owpbjsChunk object| owpbjs string| partnerName string| key number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized boolean| headerTagInjected number| insticator_tg boolean| abpStatus object| InsticatorXmess object| pSUPERFLY_mab object| pSUPERFLY object| Snowplow object| COMSCORE function| udm_ object| ns_p object| teadsscript boolean| fifabAlready function| fi_fab function| gtag object| ats object| ggeac object| google_js_reporting_queue object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_prebid_fw object| pa_pbjs_fw2.0 object| TRC object| _tblConsole undefined| msg undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| GooglebQhCsO function| fbq function| _fbq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _mather object| _matherq object| tid object| refCatKv object| insticatorCommentingUnitSettings object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant undefined| google_measure_js_timing object| outOfPageSlot2 object| outOfPageSlot5 object| outOfPageSlot3 object| outOfPageSlot4 object| outOfPageSlot1 object| teads function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| fiUtils object| $FIslowSelectors object| $waitOn object| pa_pbjs_fw object| recaptcha object| closure_lm_873045 object| instBidChunk object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| csWidget string| gaName object| gAservice function| csWGa object| __connect object| npt function| confiantDfpWrap string| ahm_cs_gtm boolean| ahm_cs_loaded string| nam object| placementData object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 function| setImmediate function| clearImmediate object| cmTag function| postscribe object| google_tag_manager_external object| _cm_wfCounters string| myPropertyId object| clientSettings object| ahm_config object| ahmpb object| ahmpbChunk object| ahm_adParent object| ahm_friendDiv object| pubgroup_config

109 Cookies

Domain/Path Name / Value
www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve Name: _gada_ses.6fbe
Value: *
www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve Name: _gada_id.6fbe
Value: d6c03779-5c04-4535-b856-7f7df3bfc830.1672093911.1.1672093911.1672093911.676c26d6-4982-4067-8860-db590f397f17
www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve Name: privAu
Value: 0
www.clarity.ms/ Name: CLID
Value: 9a7a5f0bb9944ba097d26d815fb83f66.20221226.20231226
.postrelease.com/ Name: opt_out
Value: 1
.staradvertiser.com/ Name: _ga
Value: GA1.2.1495739541.1672093911
.staradvertiser.com/ Name: _gid
Value: GA1.2.937555741.1672093911
.staradvertiser.com/ Name: _gat
Value: 1
www.staradvertiser.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.staradvertiser.com/ Name: _pubcid
Value: 8327e681-1cb0-4dde-87c0-4dfaa61a0056
.trkn.us/ Name: barometric[cuid]
Value: cuid_95d64ea5-957b-4b44-a2b7-43d5fb800c61
.staradvertiser.com/ Name: _cb
Value: CpepY0Dzblr_BPgUkJ
.staradvertiser.com/ Name: _chartbeat2
Value: .1672093910637.1672093910637.1.C59rgPBaTTQlCZgCFoDqa5PwDUZbzn.1
.staradvertiser.com/ Name: _cb_svref
Value: null
www.staradvertiser.com/ Name: ntvSession
Value: {"id":2901561,"placementID":1071098,"lastInteraction":1672093910836,"sessionStart":1672093910836,"sessionEndDate":1672099200000,"experiment":""}
powerad.ai/ Name: 3535dcr-g
Value: 1
powerad.ai/ Name: 12331dcr-g
Value: 1
powerad.ai/ Name: 12593dcr-g
Value: 1
powerad.ai/ Name: 12594dcr-g
Value: 1
powerad.ai/ Name: 12595dcr-g
Value: 1
powerad.ai/ Name: 12940dcr-g
Value: 1
powerad.ai/ Name: 13127dcr-g
Value: 1
.staradvertiser.com/ Name: _ml_id
Value: c5781a352b63e704.1672093911.1.1672093911.1672093911
.staradvertiser.com/ Name: _ml_ses
Value: *
.staradvertiser.com/ Name: InstiSession
Value: eyJpZCI6IjkwYWU3OTk4LTU0NzEtNGMxZS05MDJlLTQyMzI5ZmI2OWFlNCIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
www.staradvertiser.com/ Name: _lr_geo_location
Value: DE
.staradvertiser.com/ Name: _clck
Value: xuxt46|1|f7q|0
www.staradvertiser.com/ Name: plsVisitorGeo
Value: DE
www.staradvertiser.com/ Name: plsVisitorCity
Value: Nordrhein-Westfalen
.staradvertiser.com/ Name: _gat_gtag_UA_137034616_28
Value: 1
www.staradvertiser.com/ Name: visitorGeo
Value: DE
www.staradvertiser.com/ Name: visitorCity
Value: Bochum
www.staradvertiser.com/ Name: visitorIP
Value: 178.162.209.139
www.staradvertiser.com/ Name: emailhashes
Value: []
www.staradvertiser.com/ Name: heCooldown
Value: 1
.staradvertiser.com/ Name: _fbp
Value: fb.1.1672093911454.828766883
www.staradvertiser.com/ Name: _ga
Value: GA1.1.1495739541.1672093911
www.staradvertiser.com/ Name: _gid
Value: GA1.1.937555741.1672093911
.cpx.to/ Name: cpSess
Value: 7c7762de4869bbbd
.doubleclick.net/ Name: IDE
Value: AHWqTUkoSdiBZplhD8xLRdnM2afyhlezhab-2Wac1uAw5w0bdvtaZdSWcPDlVK66NBE
.adnxs.com/ Name: uuid2
Value: 4079998900732099964
.staradvertiser.com/ Name: _clsk
Value: 1969r3n|1672093911777|1|1|d.clarity.ms/collect
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.staradvertiser.com/ Name: __gads
Value: ID=f331695c6dc12b2c:T=1672093911:S=ALNI_Ma5hPQ3nVcqHDgnu9hrZKfj0rOxag
.staradvertiser.com/ Name: __gpi
Value: UID=00000b99026d4273:T=1672093911:RT=1672093911:S=ALNI_Mab9hpat4azlL26VvvV-EP84Z-jLw
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B81A9662-136D-42F9-BBF5-8EF5985BA510
.cpx.to/ Name: dsp_dbm
Value: CAESEFvzG_uyrC9NM0hnYzl_8Gw#1672093911993
.cpx.to/ Name: dsp_app_nexus
Value: 4079998900732099964#1672093912250
.cpx.to/ Name: dsp_pubmatic
Value: B81A9662-136D-42F9-BBF5-8EF5985BA510#1672093912363
www.staradvertiser.com/ Name: _sp_ses.6fbe
Value: *
www.staradvertiser.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1b66759d-9b4a-4ce6-8fa4-fdc28edce9fb-tuctaa3a657
.unsplash.com/ Name: ugid
Value: 71dfb23d6473d7d3d54103c406a8b6ae5573646
www.staradvertiser.com/ Name: _sp_id.6fbe
Value: 51094852-2df2-4d3b-997f-e31d5172dca0.1672093912.1.1672093913.1672093912.e5a10bc5-920c-4f41-a0dc-71643c8c79c3
tradehouse.advertserve.com/ Name: AVPUID
Value: 7c699b8471da86cfde18afef33d2c7af
www.staradvertiser.com/ Name: _lr_retry_request
Value: true
www.staradvertiser.com/ Name: _lr_env_src_ats
Value: false
.staradvertiser.com/ Name: lotame_domain_check
Value: staradvertiser.com
.criteo.com/ Name: uid
Value: 532e6f6e-fb91-4f92-8c68-3c09fd00e1bf
.3lift.com/ Name: tluid
Value: 4439511596666365518841
.ctnsnet.com/ Name: cid_02a613213cbe42ec91cafd913b1d46d5
Value: 1
.ctnsnet.com/ Name: gid_CAESEEZSJ7d0RIXhtRQuvvx8ZaA
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22989AEE9E-4C8D-4859-A32F-AD133B75647E%22%7D
.quantserve.com/ Name: d
Value: EEwBCQHzJ4EA
.quantserve.com/ Name: mc
Value: 63aa20d9-c3840-c7f7c-b7e01
.yahoo.com/ Name: A3
Value: d=AQABBNkgqmMCEF7mYfpUWb6KnNMTi4kW-B8FEgEBAQFyq2O0YwAAAAAA_eMAAA&S=AQAAAgP52cL6KyfbRmBZiwGo-xg
.casalemedia.com/ Name: CMID
Value: Y6og2dMbjP7YRJJHFJMmiQAA
.casalemedia.com/ Name: CMPS
Value: 1120
.casalemedia.com/ Name: CMPRO
Value: 1120
.turn.com/ Name: uid
Value: 7998387225825475027
.bidswitch.net/ Name: c
Value: 1672093913
.bidswitch.net/ Name: tuuid
Value: 965d8779-f09d-4bdc-9657-b971fe1dc90e
.360yield.com/ Name: tuuid
Value: b6778b42-fb20-4e97-9eaa-85082fdfb8ef
.360yield.com/ Name: tuuid_lu
Value: 1672093913
.media.net/ Name: visitor-id
Value: 3150955131492383000V10
.media.net/ Name: data-g
Value: CAESEIFi9lx3wy3w9HlcOPpl4lY~~3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-09a896e0-5dc5-4eee-ad9f-dd4b5a1e0083-003%22%7D
.casalemedia.com/ Name: CMTS
Value: 1215
.bidswitch.net/ Name: tuuid_lu
Value: 1672093914
.staradvertiser.com/ Name: cto_bidid
Value: ktNgZl9ocCUyRkJSblZiVmd1SzBnN0VUN0VEZTg2dVA2VWZ4MEFEclVhZSUyQjNKMWF0NEolMkJDbW5IZkNSNWlwdjFJQ3MwUGVOT21iZmIxRzYzMUNzOWY4YzF1SHNrZyUzRCUzRA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-09a896e0-5dc5-4eee-ad9f-dd4b5a1e0083-003%22%7D
ads.avct.cloud/ Name: uuid
Value: 3f4f1166-d95b-447f-ad5b-aed4fcc62319
.pubmatic.com/ Name: pi
Value: 160074:3
.staradvertiser.com/ Name: cto_bundle
Value: h8YQxF9KTG5sdkFBZk1ES0JhWVNxeVpRQ0MyU0RHR0U4JTJGaW8zNGNGRmRGRiUyQlI2MVNWczJkd3RiOVl6RWYlMkY3JTJGT3BZdVZpcFp4aE11SnNVSkZLRzBTUklmdnNFeTROSGZwMFZHdFBHJTJGNHZtM3Nha0UlMkJtWVJWc1RnR043cU1HUCUyRlZZWUhuNHdneUFTY2NLTEZndlpiRENZM0NOcTNPNFpSS1ozbVk1a29PelZhMllmOCUzRA
.tribalfusion.com/ Name: ANON_ID
Value: ahntmIm5ab7AyuoCUkE5QKG57iBpXAMYgsuHTbZadotwvfx2rpoWorpbdDiPIS8kXgZd9s2QNQbMMEuIVKY7lRUZanN
.spotxchange.com/ Name: audience
Value: 199cd425-856d-11ed-81cb-1ee5b9e10306
.pubmatic.com/ Name: SyncRTB3
Value: 1673222400%3A220_21
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFP_xreNn25GkSCtlyvPDSY&KRTB&16514-CAESEFP_xreNn25GkSCtlyvPDSY&KRTB&23025-CAESEFP_xreNn25GkSCtlyvPDSY&KRTB&23386-CAESEFP_xreNn25GkSCtlyvPDSY
.pubmatic.com/ Name: PugT
Value: 1672093913
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.awin1.com/ Name: AWSESS
Value: 377129:2470185
.awin1.com/ Name: awpv11354
Value: 412871|1672093914|19ca4810-856d-11ed-bfb9-223141246197
www.conrad.de/ Name: HTLP_timestamp
Value: 1672093914
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 7YrIDFVJzdXjQRylKRUVYdaQhrOdDl8NimdF9nP1MTM-1672093914-0-AWe9dpKW8ei7+pI8/qu25wLdgPT91QrkfjYIX/hGa4S6fUcZ0eC1mW5JbuLkGpgC1Eb3De9CjGgkgj1t9tqGGG0=
.blau.de/ Name: nscQ486
Value: V
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MjA5MzkxNXZsZWExZGUyMDIyMTIyNjIzMzE1NTc5ODU1NjEyNjg3WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022122623315579855612687X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MjA5MzkxNXZsZWExZGUyMDIyMTIyNjIzMzE1NTc5ODU1NjEyNjg3WDExNzcwM1YxMjI2MTMyNzAyT
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcyMDkzOTE1dmxlYTFkZTIwMjIxMjI2MjMzMTU1Nzk4NTU2MTI2OTNYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022122623315579855612693X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~292m
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5kYGlsaWhqYm4IANXMopUQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjExMzI0szAwNBPiM9R1DtXN9Uw1d3Y2SvIEAFfe5GglAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjExMzI0szAwNBPiM9R1DtXN9Uw1d3Y2SvIEAFfe5GglAAAA
.staradvertiser.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.lijit.com/ Name: ljt_reader
Value: F4gHtBZHN2pBfSCURmmDh3KS
.go.sonobi.com/ Name: __uis
Value: 38d72ec5-5471-4565-b9ad-664a99e679a1
.go.sonobi.com/ Name: _usd_staradvertiser.com
Value: 063a2288-79fa-4c79-a27a-046a79238f69
.go.sonobi.com/ Name: HAPLB8A
Value: s85143|Y6og4

3 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1273
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_1918216196&pid=0&fr=400&frlm=1&random=1918216196&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/2022/12/25/breaking-news/migrants-dropped-near-vp-harris-home-on-frigid-christmas-eve/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu4v6LeA7sh_Fx_SNetDEUOX_y2Wo_hI1Mq347mA546xKtaImHSxnpW_F52LOVcqTH6wmWEpsXtnsrcEab4b4rMeBUssKsg1qL5Jkjhtga3s_l9mQqJIzesNPRTSdY3c7RTB4PR4E05WsdA4ru93weolKO1s4UJ1FKCf7E-GXa5dmwWjg3e6fC42DyfZu6rz_kxEY1uMwAXlIJSHSFliL05TzfSxipTMf0q0Z3-v4EXGuTj0_5tpaMuzBwGnylfGTIMCswEbpUOTSWpibenn-5peyWMWRPgn1AQElpaxral1ZN8qDrnmsv-FUnsM35mBwRmxDANZRoNaHs&sai=AMfl-YRFnus8_B4F-nP1_KXYeP3Ftnms_eOGaAk2aJvE2wrTDzShrbPFBmdFtLMe8vr811hEv01crU6H93EGU84DSrUsSTan66Pb5syUVtNBb3xjtPU-kueIxXplM-PkJOQA0Q&sig=Cg0ArKJSzPAwia8eOinGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
other warning URL: https://c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.teads.tv
a.tribalfusion.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
aax-dtb-cf.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
americanhometownmedia.com
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.payvibe.com
api.rlcdn.com
as.ad4m.at
assets.ad4m.at
at.teads.tv
ats.rlcdn.com
auth.instiengage.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
c69e86f0cfe0b20e696191cc196384aa.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.materialdesignicons.com
cdn.polyfill.io
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cms.instiengage.com
cms.quantserve.com
connect.facebook.net
content.jwplatform.com
cs.media.net
csm.eu.criteo.net
csp.azureedge.net
d.clarity.ms
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
df80k0z3fi8zg.cloudfront.net
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
event.insticator.com
f8d8d4467d0da28cfd17d68d6452000c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
googleads.g.doubleclick.net
gum.criteo.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
hb.brainlyads.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
images.unsplash.com
imprammp.taboola.com
insiderdata360online.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lexicon.33across.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
onetag-geo.s-onetag.com
onetag-sys.com
origami.secure.ownlocal.com
p.cityspark.com
p.cpx.to
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
ping.chartbeat.net
pips.taboola.com
pix.eu.criteo.net
pixel.zprk.io
polyfill.io
powerad.ai
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
product.instiengage.com
protected-by.clarium.io
r.turn.com
reporting.powerad.ai
rsms.me
rtb.fr.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.cpx.to
s.ntv.io
s.tribalfusion.com
sa-media.s3.amazonaws.com
sa-media.s3.us-east-1.amazonaws.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
snowplow.ownlocal.com
ssum-sec.casalemedia.com
staradvertiser.wpenginepowered.com
static-de.ad4mat.net
static.chartbeat.com
static.criteo.net
static.instiengage.com
stats.g.doubleclick.net
storage.googleapis.com
sync-t1.taboola.com
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
t.teads.tv
taboola-supply-partners.tremorhub.com
tag.escalated.io
tags.crwdcntrl.net
tpc.googlesyndication.com
tradehouse.advertserve.com
travel.payvibe.com
trc-events.taboola.com
trc.taboola.com
trkn.us
unpkg.com
ups.analytics.yahoo.com
us-central1-kube-ownlocal.cloudfunctions.net
use.fontawesome.com
use.typekit.net
vidstat.taboola.com
widgets.outbrain.com
www.awin1.com
www.clarity.ms
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.lead-alliance.net
www.staradvertiser.com
www.telefonica-partner.de
x.bidswitch.net
insiderdata360online.com
104.18.33.19
104.75.89.75
107.178.250.234
108.139.243.74
13.248.245.213
13.32.27.70
13.32.28.197
138.199.36.7
141.193.213.11
141.226.224.32
141.226.228.48
143.204.215.41
143.204.215.51
143.204.215.96
151.101.1.44
151.101.193.108
162.19.138.116
172.217.18.6
172.217.20.2
172.255.62.201
172.64.151.162
172.64.154.237
178.250.0.160
178.250.2.146
18.156.0.31
18.213.217.104
18.65.173.232
18.66.122.74
18.66.15.49
18.66.97.88
185.64.189.112
185.64.189.115
185.64.190.79
185.64.190.80
185.94.180.126
193.0.160.128
2.18.37.49
2.18.68.199
2.18.69.74
20.60.81.107
2001:4860:4802:36::36
2001:678:cb4:bbbb::11
213.19.147.44
216.52.2.48
23.2.214.113
23.20.158.212
23.203.124.21
23.203.125.36
2600:1901:0:76b9::
2600:1901:0:8344::
2600:1f18:612b:4200:8aa9:ea43:9402:2506
2600:9000:2057:3400:18:1fcd:351:7bc1
2600:9000:206e:4200:9:78a:e540:93a1
2600:9000:206e:8400:1c:386f:ec80:21
2600:9000:206f:7200:14:c3e7:6780:93a1
2600:9000:211a:5a00:13:a391:88c0:21
2600:9000:211e:5c00:17:5bae:c7c0:93a1
2600:9000:211e:6c00:10:3422:3f00:21
2600:9000:211e:ba00:1b:5138:8a40:93a1
2600:9000:214f:e200:1:a3fa:7cc0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3556
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:3030::6815:251b
2606:4700:3030::ac43:dfc1
2606:4700::6810:7caf
2606:4700::6811:180e
2606:4700::6812:106b
2606:4700::6812:18ad
2606:4700::6812:7f05
2606:4700::6812:bcf
2606:4700:e2::ac40:850f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:4e:1::44
2a00:1450:4001:80b::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400d:802::2002
2a00:1450:400d:805::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::200e
2a00:1450:400d:808::200a
2a00:1450:400d:808::2010
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2003
2a00:1450:4025:401::9a
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::8
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a02:26f0:11a::6867:4832
2a02:26f0:3500:16::215:14a0
2a02:26f0:dc::6853:521
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:41::720
2a04:4e42:600::282
2a04:4e42:600::300
2a04:4e42::282
2a04:4e42::485
2a04:4e42::714
2a05:d018:d29:3605:9af0:2701:a426:d747
3.124.135.253
3.229.55.30
3.33.220.150
3.94.188.247
3.95.107.2
34.102.146.192
34.120.133.55
34.120.58.62
34.201.233.242
34.204.208.160
34.218.13.139
34.224.131.223
34.252.110.251
34.252.50.213
34.68.132.100
34.96.77.232
35.157.246.167
35.186.193.173
35.186.253.211
35.190.0.66
35.244.184.131
37.252.171.22
37.252.173.215
40.76.174.66
46.4.41.145
51.89.9.253
52.160.40.218
52.18.137.33
52.208.114.227
52.217.12.236
52.217.130.90
52.55.6.121
52.72.183.186
52.88.111.28
54.166.121.131
54.195.159.200
54.229.65.185
54.234.151.247
54.73.211.146
54.78.253.158
65.9.66.74
69.166.1.15
84.200.5.215
92.123.36.4
99.86.240.25
99.86.4.40
99.86.4.77
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
012197f49fa92d2e1c4c410da25e30569ee824b4f240d9336185b4c122f843a5
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76
020fe979bbadb36d56f295cacdf65936c1f35efd5e2083b0b5953aeb2e94846e
022c8c70829fb5908171d06c8a30846887150422c4ca0c1215e41604dcb2f79f
027be3828158951b109252168fe6a30d5c42442b441a00dbb17b4a0a1683e4c0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031e7d075d2fe43c93b3063addd2a481caebdc3abbfcc7bf0b5f5a832ebeaedd
0349010b37babceba329d08b05e6a58da4e22f1ff092ddfbadcc0d3549e0d79a
04334803bf65d7d6636dc942d07f4a494ac42ce42e04f575a28284550f5a88ab
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07673b42b2fb5e1cf98be1316270ab5390333a893d0735542887ccf48fbb19b5
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
07a19f4ab2cc2f9c0f975221e3ec83b1d1f00de764e366a1b2706a32222b1401
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0aa7360b0494989e110c84a6ffd4e23348c710942098b5c84003459e474d2657
0b608c67736d035fb50514db86b02dde8dd9f7ad54f268e1e579d91c6e94d747
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c
0ebaadb64ecb60de44e8d2a2aed6117ccb3eca77ced8b085614f2be7e93d431d
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
1140de93c03b2ab03d401f554748a904c640cabc839093fb36d2366d4d9fd761
11c95139a144d8cc9665f49560d9a2f46be22a48ef25b0eace51fd0a72210738
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
137610315b762c596611768205a6ac7d1be7994ebde09d2ee5ffbc7df0c6b463
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5
150ff5ec14b2b3f3c2bcfc27dea6fd0b70ea6a9ed4b955484b2865f5b1ae9b3a
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
171da8585ed56e45c58b3352d0a6b7daee0995299d226b4415420a47b74ead3d
17490e610ac37320b382a5ef50440fdeafe1529832f2d832c039bb7ad0cf5469
174b8a4581838bf6728436a947b4834141c5ad2f75246f262c9f0fd5ed51b8b5
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1870bed6fa3e0be6fe2ebfa6b43c0ea8645aa57af0ab31bc2a50dd2ebaa838ed
18ce08b2710d3f935b9710fb6753c21f628755489a0bd87b3ff9ad293dceec33
1903552d8b003c1f1c0a4ec3e42e7ffc0bb4d8e68eee68a818bf01e6c685f934
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1b51cda29b67de66c6e1f4162f1658593331aa5969277734b302718847590049
1b67d675c7cd445c96844206a46b591e848c7b733d2f665b69c67c3ad4dbb3c1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c22cadcff55ecdb2e35992dd88e4f70223147187a8d08db59385d39486d86d8
1c307e659f9415d5f1ae54b40485d7672a313d1b7dac22a2172f428fd610d394
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1fe0b690882bce36903da7b121b6ec75f6a030ce72fd620aee8054af04599c47
205c300f338f696a4bd615e498621a27b3317a3e083fb4470ad5f3bbeb2b07e5
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
235c371f1890f1f6f45d3a141e091e7fbe87985cc4ed068bd24583f5c5312e8e
2469be863509cd32822aa7f86b85923dc642cc20f7df9d3d693048ec60528844
24d0cad439634e0e922d4a4c617815fcfb15d52e1d3255b2edd2c2458c60a10f
26eb0716c991fb9f461c3bf60f22e04dc2da8584b225ccf158d59d2f2124ccb1
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41
29722934233472141b7508292ecbe20a0c9560e5bfbbbfc6c357933cf6942006
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2aca87e9af2fafcb1ed8f7292f451a698e6c352979f2d7632aed05f0db909c78
2b0180902e08f439c9c0f31fab4bee48c0c40243ffe3a26449e55cef014713a7
2b44f4d765e7643bcefe03dde63dbda744b26b1f68a05533ad59cbf8469d01bd
2b9f1403a1ded764d476779e99e24e54f3bf38648223ff42f42cb505857b0de4
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cef8950fd4af5f1d508b82f7d3c873674e706c521353f2b3f77b809630d1945
2eb88ecbf30e5ae3085743397d8b5a53544687aa0cbab773fe94bb690dba2900
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30e6c5d3a46a937c4eb84f8d48b4478c0dda0bc4b9ee37bb8e54c96ebdc4c134
314bb10ccfc168b8e022b617ba569c7aaa615b95d247c5271998e791205f22cb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319526b58010176ca296554be6189fd8ddd79301ff9942682ae390bf54e240f2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
333f4d53b1d26d4f5ef139b78fba09185bd661575cb2406d1d08f4232f5a7bba
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
353c2a4b0abb2be087b0bb41990e46061e4a55b50f8136a1da162e12d473eb28
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d
3701842ac0a947553a0a1a6698b94c362693c57c231e0e45ae5768cc0bb48b62
3888dac327eba45d8835c6729259e4190cb79a303b903330434e000a4f8aa2d1
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a24d835e837f850eaf35472bf6fb2d43f7ab7532ab10fc652f583588391f8c4
3bab5cbb8a7bb3bf2bb64d969fe1d30dba61a7c15830da82bba8815223d6c745
3c1a451285bec39b90b556b7ca61a3a04a93b78770b3224621cb33e32165e039
3c6a9ccc522188d4745ca6d4ff809131467bcad0e3c925085b71960e9771ac45
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
401aee906c7663f286c53a1246977e94467a7f694d05fb8732a49bc4ace4b8c9
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
41abf7a215264e21e0d6558488be5b7160ffa63b4dd7c393ddb0bdf14d8a1030
4232418f7cc732582f6471f0e121f91014253ed22617d140b4252977d8c18ddb
436051b6c166a58e2fdb34c60fa2f776ac0f577ce07e5bdd894abf677eb096df
437199fc5b9b27d6141547041bfe8a3995d3a28ec0a27280ddb3ad0751e884c4
44121a73e63788f7bb47f3d1ac753db330fa2be8670394cf7938d97f14ca8c03
4504a05d2bb638330e8bc5282421961c1822f95d6ecacf564824c0e63805456c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4747c70c3d82f36d872237275278f73f798a304356080654a6e45f7065059c28
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
4a3bdbacf98cc07f43a1e733baa9436d8c9d05d27c0eeac1727888b47b7ac06f
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a79e6140f98d1a05f5fde9318d255561809578607d15ba449c9984043c21494
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b08a4e1249d15a5528ca608417b9eea11b7950b4d8ac9f892456ebacb26b488
4b23cd1848a8d29e9668a512596f71c68c367b3916040f76a13d4a4ae7198ca9
4b85a79cc2d174876bc4698fb58a4e417ebd6e8b360a86746fc9a67ff9ca6283
4bbff9fb9f1b02576b3f13f7fdf3c9f947328556a16522df88f7610ff1a39d27
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4dd5a40846ff9495a7705c9003d68c057552821fcb8866ea309a82a8ef76ccb3
4dda81f160b2cb21ac6d906c80317d71bbe65171dd77a5286c1fe08e53e65cad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4facead78c5cfb9180834a9168ff231c489eb8ddde9857bf5f0018c91414f166
5004c313c6c0e1e0b4c52d9f3bdd40243c6bd8e5fffc697a45320adc9c7a8a30
50f6530122006490e64e6c925694cb22812d69fb06374a540b1c329e21267f29
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1
52bb57fd18280102ff97c27797d2fd0d36dfcbb0ce9560c3d9b3a092045cc143
53dd80011c5ceeb65b30091ad02c619b88d1b4e0ed2b94839efc9ab6d694af6c
5406c4ab3b8e55180072dce3ad70d0a7afcee54689860a1fa67875588f86a227
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577259a6dadca32c7b759cd1c22b0a0bc6388c1745ca488cbf87d79b2e881906
577c42b9cf57672a5b63ef537021a77ce5bd9947e73f3f7c32f7904469159c30
57acb0c4ea5a8ea31215572f4a0c492173c207252c3547447c9e833838df8460
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c8e7d76aa656c008cfa7b9fa30856bd4606592cdd380265189807929ad2193e
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5db132abc06730a17693dac1212476afd1733a95cc55f74d735a97400b2fd102
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5e8fd3240a20a8577e0f4a0ce36708c6be9e70797164bb1694d0622ba475a75f
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f4e5c665010f7b040421bad17db2591e96b9c8a3998b0ef81ff7cfc0f609916
5fcd41ae31209fd89836356458c60916d252e4f463b54ddbbce3faac9f901cea
6010d195c2be56ec6de147dea51d81bd60b28f22db9bf29ada3704c8b9cf89f5
607afa7be91b1d5e9c10ddd97e3729db1d6a355f27df777b95bf1fb6d4c7b510
61941173dcfc7de658982eead1f056ec900d254daa9c7eded3360dddf074750a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88
632bc184220b912609666c1d4be46e24bb7940713d30398891e43b8462b4704b
6358a8758526eebf0dc4b1f4df5e13622de5775d87a02c4e79f093bf00a4ef6b
63dc4843cd3af1cd69c36cdfe54ccfb710385410f21c0523786b7d93c59b749c
652f458f5a6b950fa7f5202c7f09758a1efb5863a10ba085181214449d8d29f5
6590aefc2ae6bed859660661708fa5e37f92d194a2108ab19822fb8b6bd77f0f
6680ef106d411f8b3257f1377f26831539130757c246cd29d792ef5e2778e234
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
67ccceee353f5b1b16b7e88c1a0bfe402b7738ca5b066c3a5d514bf6aaa26e8b
6825c4238e7a12b3fb6584ca2ca23d32bf129bf287dc92b0aafa7f79213cdb5f
6934a4a5d8a7b71bb8c641bbf177884f4eca236d1420a095bf84fac479f95ba9
69414cc85efa9a6b1107fd77da1d71c180cf083adeafc25039746f70dd7194fa
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6a92e32553ec0b6d763fbe2c1d98d281cdb09e3a80e1e36ebd81117dbd39458f
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b88007a74c504349058e7426f51eab20681dc27d871d34401cd08570e04df58
6cc8b4c79caae0787ac82aa05fd7bd0510206b2c1fb08aa16079292057741a5d
6ccd4f8b010a4f0deb1024863635a1fc2843c6bbdbc6c812b084c674f8a8d0f0
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8
6e79391c115046bbbaf82e7f9aa527597fb4e1bfd9f6ce4f1fcdc8b4f6fdb5dd
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
71b9740651c7b54d919da98ea572398dc9ef35cea3711c3667b2c747f0c2f582
7229b6f1498341333603d9d68d93cbb3bc4635cb26eaa8844e859dd08ac0910e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72974943012965be283095b6d26136f4a0f9c2cf9a89f4378ba72fecca61fe1c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74efbff0c27e045056f906f4d7a37360ea2ea1e311feaf8dade53a0f9c46d228
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
76680f0b92772b6ba927017c9f33634a545bac31dd25c6557a0458009d07f504
769b4ee09a1f16f722c392c866ac2e344639c5d54f32cc859b5758b0a947ca94
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
779f952cd430c10a7c1c89067e94a39b3ef4e4f336e25e0a52b80bb923747078
77d3456fedbfda5bee75985a2999c2d7bc708588cd1480649e624ebd134ee686
77fa2b3ea7258961a9d400810d13a9e97bf0b8d695b539dc47fbec76a913e2ef
787e3396f1ff0f54337135bcaec8e8c75dd0b2a1687c3b0ab4948e872d316b00
78cc62a5ba08f398278d85662720a32715d53de23199800bd144a7e21ccae26c
7907756e42e9579e361a3bac3fed17167a0e378023cbf8f79abb83c08e3c0159
796e14f00b37b26aae8694dc5abe10dca7e6b3e2c1f302f9704503f0629b5e84
7ac2548bd9a548fd2160dc94e6561af60ed276e0fda385d4ac62ec657cd4a83f
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7be4fa548c59ae1afa6f4e013a719befc807fbc2b1202434edb66bacaa9b3879
7c2accee746a239bd9ecda96c3cf60b376718a6a7b603bf7df97197748320349
7ecbb1529819f6036d9f0ca24e81486fd683cdf50b13400e8b2b2e3608469f8d
7ee8ccbe444af7420f762a7add0a249e00725cbba8a4b9681ea4434edf213b5a
7f3e9042644de7927aba8840723a2dcd9739a922cd7d2f0f114b75f0fcb04dbe
800c870c48ff2e82922dbf536677ca23a8ff6a3c062c11b7979a380b9988e064
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6
8041d92740953e5f3a16adfede92767d9e450f41b443027370629b33b2d6729f
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857e1cb30adac62a9a0f5dc02883b27e2ae7db34b7b12a090f23217b21ca398d
85c111a71c9c318e5a9fe4ec6b04e4beb719139f3ecc3a9eca0b2dd172af2172
86348de1e791583b0024b286f9fd55f1e9538f9ab142e0068282985fc70e3cdd
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
87ab7b6d75a429268b4061ee1aecd19f5103185c80f3ca89a7dce1c12179542f
8899835dccc19246c0d1e638b31e783ef194e46c832cd70e9d478ff32e22d61f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a3f600455321c84a575b6ad092eaf3ba924126c8ef7a5e546743ba30d926a1b
8a67d8b1be1469e2cb3009f299cffc29ab1aca247cfa9d4ecb57402c82091175
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8966d33abc88466757b8949292aa2a29b2e1419082d9408f26c1bd3c69e7ad
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8e5b1138e65266721c74d542dbc50647a77d5586ff88a097b2c31c268968aecc
8e6df5b20cef8551e838121c53389ab182118024b88d5c3375b2a1efabc354ac
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f7453113a409f8b2d5ba423053482d152d3a5d9bf948feb6b5ab802c1f38c92
9047516bbaae555f81da45031d25c49218cca7cd25080455c21e3fb6b8d2bd0f
90f892f389371a0a530e62f11f1341a6a448f02e93c024d8514c28abc0d2b5f1
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9161c3443a72d415ee2563ded44b7d05fac6427d00f58560da1dad0e43f00352
91aa267bac62e97e85ef74c1bc3bfa1aab24fa487d3e95540d290527dc4a0c2d
91dd0a811c7aea7a1dc469590d17197e2d60523516f0ffcd37a182cd6d09aa34
91f3ff5b0eaed25fd93438182fef1843b87fd28c9e17a2e5630328d2cc55752b
93141d6a8efaf5c18231935d042ef767c28efcbd77ed3c1725bfac21eb15af6d
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
97d0fdf2c0f531a018c478da0c87d92287e308a785eaa01e3ee85941a60efaf7
97de9855315e79e11b1846eb5916add111780cf70cae332283ae5479ac8cca72
98223037c7bfbf8695cafbfd041165f5d043feb38caa2b6f355d5a5523aa4eea
9917d6c339d41e0a96c50e0e90a233d85ccb04329c5a5638cdb0921dbdc1d511
9a96179f39170127a558214400fed5b9a6c8c559dfebbb530138b0becd981227
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae211f099b1c4245b119e9fe65140d30eb2e2fda0c08c41aa4bb1216f77dd91
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9d194176a273a86feca5fb1dc7a1d9e1ded662a6653c61f87054331351ac27fe
9d3e61f9ccefe5f2a55ea4d9e63bc61ea7ae68c2ea9e7dc1d202938e8385e65a
9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b
a049b746d5a16d9e2ffc5c52c9dcdb88ad3ae95a8159ecab60517636129e6d3b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9980a169c8d00f1d15cf550a0042f66830dc82087fbbd1c072e9aef393d90
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a6eb566e083229b91d0967a1790b398d4cdfb4a27725ee2979213ac0665c6729
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a93d78e07c572b14f868f6c712065e90abd942c6a894a7ee128ac6775c43f932
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9c4b27ce87b2ada6e74a94e31cf34c2f3e14add900dcf2f93c2ef5de020d73f
aa8ca82f682cc889fb3ef3e552efd4c0fbc3a09e44149463d4b1935417d8dcd2
ab32357046cf4a9d0ac14bb34f9495c42cf3589a0d126536c95ae866abd79a0b
ab8a708676ef778b44f5da980a7643485aa1dab7fa3db3f4748ec193fff4b5ff
abc915313f4377a8dcffc35af12d05c1aba29df8145e9139fb4a18b7fbc1976d
ac565fe89855b42ce5b058d7f7abf2355e820def27e51e1970a2d5848a69d6e1
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f
ad8d84c2ec2518e28587554f3ad11b45899af49d2ea57ef1cba53d6ca0496b49
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
b04720aac07470e1a44ded35800ff8158b7e1b61d26ae7fdcc09273d160f0a33
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3c3a51954dc9824b0abed0296f94f280f96a164ad5145d7506bd27540b398eb
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b5d4096ebcf4b95e6b11580b008a427454ea743cd79813da6800204d7fff182f
b6ce3a8ba9b2b8e453f4f0b22f9a7b6e9150a9f6a3a23f48a64db5bc7d0cd2b2
b71235c342c170e0d0b65ef65fe1e6d36a892f2c1dfff4c401ee15d0764af9b0
b8add84858b5c827bd404d6828b1216f96c813bc81bb383f744877dd8912d736
b8c15cdf043eac3b70dbdef88371f5f3733180ae9b01bf8cecb20a6749541d7a
b91ac7df59db5e97dd9c27fcf330c6955130e3118b635e19fb2e97c023509cf1
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0
bb65d5129b58fa5e0213ff8fd034dda13a5815f1b1191eb97856aadb23a305e5
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bd42e541ea810eed8c5e6401da8b36f64fb060e3e1dc8819c7c8cd5453d598af
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
c0296ec7cab0de78726ec563372bb7070c7f28a8b9faf44d62eec83905d00aee
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c28cd8a845a2c3e43c95ee2cd156139ace5acbe84ad78cc78d55ad817c1bd49c
c326ccc1689a51d7804d727ca92782455b9fd94f67eaca14cabbb71b7c8eb51e
c3442afe46e287931c137d51ca0843eca3aced172c68306492264af70341af38
c36cbcb6bf61bc3a3ea76d0c720450b8ce5dc73c7c0d2d4c3b03af490f66a9d6
c5afe4451aaf3d440b6209cafb4aa89697dd263a888c61d297e7112e847976cf
c6d59a59fc70c79f04f1af1b984fb901403d95708a01a9adfd06381e5e7a0e81
c6fe20fcfdeb7726174fea4ce33c8e564964342ad5a16aea491725781eb98fd6
c70ef6d18a5f7d1878bd2015176e33bca2dee90bfa238e40a8e1d22f2d55d0a5
c7bcec112f1759ebe8a79684a9458d4f37c916328e8092a0ba9d6bd4852e217b
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6
c851e58c318492d4f404559ad6cb21dd7e93595cf9273ec1bec1f85a0baa7ccb
c8cc7233b0b8fec82cc44cc6745adfbe15ab94c63debabbe6b7ef299a3bde052
c8eeec1705de9d76b7f456543f65e771d4bfed0edf04c9d3df09dc8463240852
c9b1a7370bb6f8396dc3f3acbd7065f02e473fcba1754ab42fddba74753bf8dd
c9ea31dfcd550fafb23a576703212b77785580af9bffb27eb667f2b0a2c38647
c9ede13c9b09a65c03b8aa60eb04a9e77bbf5ba3f82ffcc8200c8b2468a564be
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb
cc59945990b94dc04f0f77e8d89597e06a36456d45d311d1c9219f827ff79b3a
cc67f48afa808c8c8f95c8e8c11cf7f8d57d96fb901e8548a2dd2b61f9b1c2fa
cdcde63736dceab510901079c6464de0844f12b26f85172ab8ec2437c085bace
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf3c71fbd3d13cd3d485e6bca01d03807c314bf44cb5732e80796bfcdb20961b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d0bc9a339b66ab78582f3d4e03c0de404fcfdb87d899a850fcf0ffeedc65d7e4
d0cf1fcf3f8e456902035d1649158993c3b0dc41a11dd33b05fec0efc675d4c8
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d114053b0734a32984149e572c5886d065dfe4bcc4c0ab76334dcc6d3662ccc5
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d2da7054df4b404b941992e6fe942c8c29c28d912344e8a8761152ca4f10297a
d3506480fa60c69b5632eacc8a4d0f74200f60e9e199f8676dc734c84b18b09c
d628b27ccfd384db645a68130bf7e4ca23383a73e6c309e1ed1b5298134d818e
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7780c6c5f23dee63329b1fa81d5a04141d48e69179d40e12d0f4838d77a14f5
d7aa97a4e9822fa279df9f9b8fe7f35f1c98abc955214e6a17d08945c69ffda1
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
da7a653bd7aac586c6a5b1a9940d4720b6125a7c95943ba62caae1b975ec96dd
db1fc237470c723b46265bc0ed2f222b6f9d239f2dd7c6a89e5f1c4fadc04c91
dc25b8e7820b55f33a1c2ffa97b4c7c6feecb81861849bb5a9b00eace1f4ee0d
dda1502552738a30410dfa20c72010e98342a5f466f2bee1c27b1e20c0ee83f5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0e9c85a3ca4e2c0bdc63caa3eb10f5ba675924cd40ef54284ae14e5aa11d54a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3f89541ce0ff35328d06acb9a4f637e8d8742e0409f71f0659481833f9380
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d
e61507cf8e9d794ea630b735740b44d102089dbf0aef8afe21827efa99d5b337
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
eb723ed01d6c8f307f7078090ba0cca3966183d7485ebdfac501425693adc144
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ebe311bc510107b902125df35f6fb4da19997a01d0f47ef87d4ad4ed639333ce
ed2f1d0b5e0007acc1ff34b70f9b9090fd7cb87e6eb2bde72a49cd6cb3c05bb1
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee5f9288970a3587d55d576ba4a6a63003517d374ff991561392c95a0220e11f
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef0837a509d691a6a76069c2e71cb435b37c24db45d03ab2308218d256e9bad3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583
f3246cd52b60cfdac1fe2553ab75476a97b2e924f608ce011f854d01436baae8
f3a8a66ab56498a94c09bf46e63542f0ddf05e116b22c02ab7d54903ce711120
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f545d203ac625aeac707319e6d65afe9206739df8879c6906c5e256687da4250
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f90e0c1aacb9af071577d54eb0c7302d09fce198129f93d855766c7b937e8264
fae785ae74a733574d37c71c9c7918e8f072f1e215ca3dfb11012cdff0186c38
fafe2bd7bd5389b401d7692bb191efe69c4ee9c1a7405fdeddae1e3876fbb466
fd252697b4b8561c35169f5159fdbb76fcf8aee53451450cc5fb7f3c1f8a9f5e
fdb86507ce0ca5a143dd9cbf5b40d9b36460ccb16c94d36beb4ab8bf1d06e591
fe143d0d94b59105d42f7bddd9dcbbea11172382c5058cb423cf5ec1092350f7
fed5afae687d10799297ab565e67a6db3b8c7831871a951f98c0e2a828dfd63f